*Attendees*
Paul Jolly, AAMC
June Moody, AAMC
Eric Pan, Harvard Medical School
Dave Damassa, Tufts
Renee Frost, Internet2
Morgan Passiment, AAMC
Jack Buchanan, Memphis
Mary Kratz, Internet2
Steve Olshansky, Internet2
Jeanette Fielden, Internet2

*Discussion*
As discussed in the November 14, 2002 call, AAMC has a Group on Information Resources (GIR) team that is working with U. Cincinnatti on a live pilot project of remotely hosted web courses for OSHA compliance training. This is an inter-institutional project where those affiliations are asked for but not currently validated. The pilot involves both clinical and academic practice groups in the Cincinnati area. The pilot is focused on how you share training modules between any institutions. So an institution would be able to use material that they thought was useful to them and insert it into their training. The infrastructure was developed by U. Cincinnati and they are open to sharing it with other projects.

[AI] Morgan has an outline of the project that she will mail to the group.

Currently the pilot is compliance training for blood-borne pathogens but could be extended to include training on HIPAA compliance modules that can be either generic or specific to a given institution. There has been discussion how affiliated institutions could certify people for HIPAA so these people would be not have to be recertified as they move between institutions.

This kind of project could work with Shibboleth to authenticate users. In addition to authentication Shibboleth could determine which modules to present you that are local to your training. There is a Shibboleth project currently under way focused on digital library content providers and a number of universities.

[AI] Steve will mail Shibboleth overview information to the list.

The initial MedMid scenarios are close to being ready and just need some finalization work. Keith has done some consolidation of requirements across scenarios and is mapping them against other work in the middleware space. The next step is to look for likely pilot opportunities and the AAMC/U. Cincinnati pilot appears to be a very good candidate in trying to operationalize one of the scenarios.

HIPAA related projects are also promising since there is an April deadline, and the possibility for being able to re-use large parts of material for multiple institutions is good. People are aware training needs to happen but not all institutions have started training, they're still working on what exactly the procedures will be before starting training, so the opportunity to use modules already in existence may be very useful to them. As an example, there's mandated training on animal use and human subjects from the NIH. There are a fair number of web-based programs that are being shared by institutions for training and testing/certification with shared modules but separate registration.

There is interest in a pilot that would share directory information between hospitals and medical centers. It would also be critical to be aware of what is happening in these areas, directories and training, with the main campus in addition to the medical institution to leverage off other campus efforts where they exist. For example, Tufts medical campus is going to use the main Tufts university authentication server as of January 1, 2003 for all account management.

The next call will be 14:00 EST January 9, 2003. Agenda and bridge info will be sent out before the call.