Versions Compared

Old Version 3

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Date

2018-12-12

...

  1. Call to order
    1. Roll Call & Determination of quorum status
    2. Reminder about the Group Participation Agreement
    3. Agenda bashing
    4. Kantara Organization updates 
  2. Introductions
  3. Discuss the discussion group 
    1. Goals, approach, desired outcomes (Charter material)
    2. Terminology page
    3. Use case template page
    4. Call for Vice-Chair, Secretary nominations
  4. Discuss DG Schedule
  5. Standing agenda items
    1. Schedule status updates
    2. Contributions status updates
    3. Writing teams status updates
  6. All Other Business (AOB)
  7. Adjourn

...

Time

Item

Who

Notes

5 min
  • Call to order
  • GPA reminder
  • Roll call
  • Agenda bashing
  • Organization updates
Chair



Introductions

All

Welcome!



Discuss the discussion group 

    1. Goals, approach, desired outcomes (Charter material)
    2. Terminology page
    3. Use case template page
Chair





Schedule updates

  • Status
  • Issues
  • Next period plan
Chair

calendar
id308e504f-b7f1-4b7c-90ae-ac5684fb7c65


Contributions updates

  • Status
  • Issues
  • Next period plan

Chair

Use Case Contributions

UC01 New patient registration current.pdf

UC02 New patient registration future.pdf

  • Catherine walked through the current state use case for patient registration (proofing)
    • Note that the preconditions are significant for Healthcare scenarios
    • PII collected at registration is collected to identify and lookup the patient for verification and de-duplication
    • The query step occurs because even if the patient has never visited the org, they might be in the EMR for other reasons - visit related organization, mergers/acquisitions of other orgs, etc
    • Patient Insurance Confirmation - this is included to contrast that this is NOT an identity assurance process - eligibility check
  • Future state process walkthrough
    • There are initiatives moving towards this future state where identity proofing / assurance is mandatory - e.g. NIST 800-63-3 IAL2
    • Note that patient still gets health care even if they do not achieve IAL2
    • Note the increase of machine processing and assistance used to increase assurance
    • Note that there are alternate flows not described for undocumented patients like the very young
  • Q: Does this cover subsequent-visit authentication? A: Correct - these are about NEW patient proofing, not returning patient. There's another set for returning patient.
    • Increasing use of biometric identification/authenticators for returning users - palm vein, fingerprint - used to locate the correct clinical records.
  • Q: Is the mention of IAL2 deliberate? A: Yes - there are incoming regulations that will require it.
  • Q: Which version of 800-63? A: 800-63-3 - will specify that reference in future revisions
  • Q: 63-3 requires verification with issuer - how do you do this? A: Credential document validation can be done by companies like IDEMIA and others. Then do a biometric compare of license to physical person. 
  • Q: Don't see how the non-actor stakeholders interests are met - e.g. if the person failed identity assurance how are their interests met - e.g. if not identified, then insurance payment needs not met - what alternative flows need to be documented to satisfy those stakeholder needs?

Writing teams updates

  • Status
  • Issues
  • Next period plan

Chair


...