cds-hooks / docs

CDS Hooks website & specification
http://cds-hooks.org
Apache License 2.0
166 stars 61 forks source link

Patient-view and risks for inappropriate advice #503

Open bvdh opened 5 years ago

bvdh commented 5 years ago

Some key CDS-Hooks use cases include:

  1. Show card based on FHIR data
  2. Show multiple cards relate to the same FHIR/context data, possibly from different CDS-Services

This makes the following scenario's possible:

These scenario's both introduce significant and potentially dangerous situations. This raises the question of what use of the patient-view hook is justified that does not introduce these risks? If none, we should not publish the hook. If some, we should mention those, mention the risks and state that the patient-view SHALL not be used for such advice.

In practice this severely limits the use the patient-view. Addressing these issues might very well requiring new testing. As a result, one could even wonder whether the required changes are compatible with a maturity-level of 4.....

isaacvetter commented 5 years ago

Hey @bvdh,

At root - you're struggling to define how different CDS clients implement workflow and UI as it relates to the display of external CDS.

Should CDS Hooks really attempt to define this behavior? Our approach thus far has been to not prescribe cds client UI.

Would non-normative track recommendations for cds client behavior address your concerns?

Isaac

isaacvetter commented 5 years ago

Bas,

Do note that we do try to call out a related risk already in the spec:

The risk that a CDS Service could return a decision based on outdated patient data, resulting in a safety risk to the patient.

https://cds-hooks.org/specification/1.0/#security-and-safety

brynrhodes commented 5 years ago

Add documentation to note: For more information on patient safety issues see Security & Safety.