[WG-HealthIDAssurance] HIAWG agenda for tomorrow 01/09/2020 at 2 PM ET

Tom (Thomas) Sullivan tsullivan at drfirst.com
Thu Jan 9 03:34:33 UTC 2020

HIAWG participants:

Here is the draft agenda for tomorrow following up from our last meeting on 12/12/19 along with some of the notes from the call.  The information below and attachments reflect our recommended edits from the last call though I may have inadvertently omitted some of the changes.


Healthcare - HIA WG and IDEF sub WG Created by: kantarainitiative at gmail.com

Time     2pm‎ - ‎3pm‎‎ (Eastern Time - New York)
Date      Thursday, January 9, 2020
Where   GoToMeeting (GTM2)
Description: Occurs every other Thursday of the month at 2:00 PM US Eastern Time --- zone converter: www.thetimenow.com/timezone-converter.php<http://www.thetimenow.com/timezone-converter.php>

 Please join our meeting from your computer, tablet or smartphone. https://global.gotomeeting.com/join/485071053

Access Code: 485-071-053

1.  Roll Call: Tom Sullivan and Jim Kragh.

2. Recent emails, meetings and discussions: Anyone?   Jim Kragh and Tom Jones will discuss progress on discussions with the Carin Alliance and updates around the Agile group topics​

3.  Here are recommendations from Martin Smith and Tom Jones for edits to our ID Design principles in Red  fonts and two words added in underlined italics in Principle 8:

Please offer any additional edits to make this better.


From Martin Smith  (12.4.19)


Approved 12/12/19:  Kantara’s Healthcare Identity Assurance Working Group (HIAWG) is building on the work of the Healthcare Committee of the former Identity Ecosystem Steering Group (IDESG) towards defining high-level design goals for an identity architecture for the national healthcare sector. This healthcare-specific architecture should meet the requirements of that sector while also maintaining alignment with the IDESG’s non-sector-specific Identity Ecosystem Framework (IDEF), which is itself designed to conform to the principles of the 2012 National Strategy for Trusted Identities in Cyberspace (NSTIC.)

The Core Principles in Healthcare Identity Design are the IDESG Healthcare Committee design principles as updated by the HIAWG. The attached pdf and spreadsheet (NSTIC any. Alignment . . . ) represents an attempt to map the Core Healthcare Design Principles to NSTIC Principles. Two results of this exercise are notable:

First, in some specific cases the WG concluded that a Healthcare Design Principle was not related to any NSTIC Principle, or even negatively related;

Second, in many cases the HIAWG members brought different interpretations of a Principle or focused on different aspects of how a particular Healthcare Design Principle might relate to one of the NSTIC Principles.

For example, some in the WG interpreted the NSTIC Principle of “Voluntary” as meaning that individuals would have control of their identity information, whereas others, citing the political context in which the NSTIC was created, thought it meant that the Government should not mandate use of the IDEF (or any specific framework) by relying parties or subscribers (individual users.)

The Comments in the Alignment table and the HIAWG Member Comments on individual mappings provide some insight into what interpretations and assumptions underlie the alignment scores.

 Core Principles in Healthcare Identity/Identifier Design

1.    100% accuracy in identity management/matching
2.    "Break the Glass" in emergencies despite violating privacy rights. Notices or receipts should be sent to the patient and healthcare proxy whenever BTG is invoked.
3.    The need for relative anonymity and the use of pseudonyms to manage privacy issues in selected circumstances and where desired by the patient. "You must first be known in order to become anonymous"
4.    The need for robust audit trails including precise time stamping when changes are made.
5.     The importance of patient safety and also of liability surrounding inaccurate or conflicting/duplicate identities
6.     The need to easily delegate or designate a "proxy" with a strong identity/Identifier set and credentials to access records online with significant "ease of use" i.e. IAL2 and AAL2 for patients

7.    The need to promote “strong” multi- factor authentication as a requirement to enhance security

8.   ​New proposal:  Approved as amended 12/12/19: All electronic health record repositories need to convey the means of identity proofing and authentication e.g. based on NIST SP 800-63-3,for the subject of the EHR as part of granting access to the  EHR.  As part of granting access to an EHR Repository, the identity assurance/proofing and authentication rules  need to be explained before  granting access to a subject’s EHR, Portal or other certified record storage system.

 9.     Resilience, namely the ability “to recover and adapt to drastic and abrupt change”.

10.  Legal, statutory redress must be available in the event of  online identity fraud, abuse or significant negligence of agreed upon core principles of HC Identity Design ​​  Liability Insurance is recommended in addition or as an alternative to the statutory requirement

11.  You can’t steal a person’s identity, but identifier theft is very common.

(See Attachments )Alignment between IDESG HC /Kantara Health ID Assurance Core Principles and NSTIC Principles (See attachments)

Aligned: "Yes", "No" or " Not Applicable"         1-5 scale of strength of relationship

12/12/19 Martin will provide additional clean up of the comments below to place them in proximity to the spreadsheet in the prior separate attachment

HIAWG Member comments on individual cell scores. New Cell numbers in Red font . See Spreadsheet attachment [TES]

Cell: C8     B5           Comment: Martin Smith:              Marginal extra protection against inadvertent disclosure of ID or medical info.

Cell: E8     D5          Comment: Martin Smith:              Cyber-attack on ID scored under 7 (MFA). This is for few errors: patient safety & less provider liability

Cell: H8     G5          Comment: Martin Smith:              Zero errors = unlimited cost.

Cell: C11    B6         Comment: Martin Smith:              Only minor negative impact from no prior consent, especially with accountability via audit.

Cell: D11    C6         Comment: Martin Smith:              Very minor compromise of consent esp. if consent is granted in advance for emergency.

Cell: I11     H6         Comment: Martin Smith:              Good BTG implementation provides clear, quick path for appropriate emergency response.

Cell: D14    C7         Comment: Martin Smith:              "Voluntary" interpreted as "maximum user control" (not the original meaning which was related to concern about mandated govt IDs.)

Cell: E14     D7         Comment: Martin Smith:              May inhibit some authorized forensics but tech is available to implement with reasonable limitations.

Cell: G14     F7         Comment: Martin Smith:              Adds another requirement on all federating participants. Immature standards.

Cell: H14     G7        Comment: Martin Smith:              Adds cost to implement for all federating participants.

Cell: C17      B8         Comment: Martin Smith:             Provides accountability that will inhibit unauthorized info access (e.g. "browsing.)

Cell: D17     C8         Comment: Martin Smith:              Compromises anonymity but only by authorized agents.

Cell: F17      E8         Comment: Martin Smith:              Not the main resource for restoring data after a disaster or compromise but might contribute in some cases.

Cell: G17     F8         Comment: Martin Smith:              Small positive score for precise timestamping.

Cell: F20     E10          Comment: Martin Smith:              High score because loss of IAM function likely means loss of access to medical systems and records.

Cell: H20     G10          Comment: Martin Smith:              Highly reliable and secure systems cost a lot to implement and operate (but less that the potential liability, presumably!)


4. Jim Kragh and Tom Jones, updates:

Was there any feedback following the 11/13/19 call?

The open issue is enforcing compliance with the code of conduct.


Peace ..tom


                   2) other updates? from 12/12/20 e.g. Agile workgroup on a streamlined proposal for ID proofing and Authentication (IAL2 & AAL2) consistent with open source standards?  Response: 12/12/19 Sal D’Agostino provided an update to the work of the agile workgroup, stating that they are nearing finalization of the current draft.

5. New business: TBD...


​6.   Next Meeting/Conference call schedule: We will invite guest speakers where appropriate.

                              a.) Regularly scheduled Conference calls, every other Thursday at 2 PM ET:

January  23rd  2020 was approved as the next meeting date (12/12/19)

 Thomas E Sullivan, MD

Chief Strategic Officer
Chief Privacy Officer
[Description: Description: DrFirst_OneLiner_OneLiner_Main]
 DrFirst.com, Inc.
(978) 729-5075 (M)
tsullivan at drfirst.com<mailto:tsullivan at drfirst.com>
sullivan at massmed.org<mailto:sullivan at massmed.org>

Notice of Confidentiality: The information included and/or attached in this electronic mail transmission may contain confidential or privileged information and is intended for the addressee. Any unauthorized disclosure, reproduction, distribution or the taking of action in reliance on the contents of the information is prohibited. If you believe that you have received the message in error, please notify the sender by reply transmission and delete the message without copying or disclosing it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-healthidassurance/attachments/20200109/0910edfb/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NSTIC and Healthcare ID design compared v6a.xlsx
Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
Size: 18528 bytes
Desc: NSTIC and Healthcare ID design compared v6a.xlsx
URL: <http://kantarainitiative.org/pipermail/wg-healthidassurance/attachments/20200109/0910edfb/attachment-0001.xlsx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NSTIC and Healthcare ID design compared v6 b.pdf
Type: application/pdf
Size: 124647 bytes
Desc: NSTIC and Healthcare ID design compared v6 b.pdf
URL: <http://kantarainitiative.org/pipermail/wg-healthidassurance/attachments/20200109/0910edfb/attachment-0001.pdf>

More information about the WG-HealthIDAssurance mailing list