2020-10-15 Meeting notes

Date

Attendees

Goals

  • Per distributed agenda

Discussion items

TimeItemWhoNotes
5 MinCall to order and roll callFormer user (Deleted)
  • Quorate
  • Recording!
5 MinApproval of draft minutes of Oct 1, 2020Former user (Deleted)
  • Approved
10 mins

Noteworthy news and member activities


None offered.




30 mins

Unfinished business - Jim Kragh's Workgroup draft of Identity and mobile support - final revision???.  See 2 attachments (JK and TES) including my suggested edits to Jim's draft. The intent is to synchronize the two Workgroup's products.  I have not received any recommendations since the last call.  See the original 2 attachments (JK and TES Profiles of Digital Users)

Former user (Deleted) notes that no comment received ex the ones regarding Sec V – Redress and Recovers.  Sending the paper back to FIRE group. Jim Kragh says revised will be brought back to HIAWG. 



5 mins

New/other business:  Comments on the Foster bill in Congress on "Better Identity"?  Mari Savickis from CHIME asked what we think about it.  It is being promoted by the Better Identity Coalition led by Jeremy Grant.  https://www.betteridentity.org/

Cassie Leonard participating for CHIME.  Former user (Deleted)notes he understands that the bill will not get much attention this CY.  Cassie recaps bill history. 23 members in coalition pushing the bill. Mostly financials so far; discussing the possibility  of CHIME joining. Goal is to reintroduce bill next session. CHIME assessing whether this is relevant to healthcare and should be supported. Might not support the DHS grant provisions. 

Carmen:  think bill introduced next year may be revised. Believe reason healthcare is not in this version is because of the "national identifier" being controversial. 

Martin inserted into Chat comments from prior emails from Tom J and Martin.–see Notes here.

Patient ID Now:  Carmen agrees with Jim Kragh that they seem to have some traction and might be useful to engage.  CHIME is a member of Patient ID Now. Can see if they want to provide comments on Foster Bill. 

Former user (Deleted) Is there any opposition to HIAWG taking a position favoring repeal of Sec 510 (patient ID research funding prohibition)?  (None expressed.) Former user (Deleted) asks Former user (Deleted) to clear any official position taken externally by HIAWG with KI LC. 

Repeal has been passed twice by the House. Biggest obstacle to repeal is in Senate where these is no champion and some opposition. 

Tom Jones opposed to taking a US-centric political position, vs. developing a framework not dependent on a universal identifier.  Former user (Deleted) cautions that HIAWG has already taken a position in September that one ID is not enough. 

Former user (Deleted) proposes we take position to repeal 510, "to allow HHS to fund research on identity in healthcare." No strenuous objection. 



On 9/17/2020 4:34 PM, Tom Jones wrote:
Not sure if any group is planning to propose anything related to this bill, to Jeremy or anyone else, but here are my thoughts.
1. The HHS, CMS and ONC are not represented in spite of having the biggest ID issue in the government as of today. That MUST be remedied.
2. I really am not interested in private individuals engaged in a federal task for the government one way or the other, but would like to see a requirement that NIST include them in the framework that they create.

Tom/all --

Agree with Tom's #1. Regarding #2, I agree that adding private-sector individuals is not the goal so much as leveraging existing frameworks, supporting a competitive environment for solutions (products and services), and aiming for a system that meets the requirements of a wide variety of use-cases (vs. Fed only.)

My additional recommended suggestions would be:

1. Re-frame the role of governments (at least the Fed Govt) to be a provider of authentication- and authorization-related attributes which are collected or created under the unique authorities of Government. There's plenty of work needed here to make sure access to these attributes is appropriately limited/secured and to make them efficiently available for ID proofing (authN attributes) or binding to an authentication identifier (AuthZ attributes) in any IAM transactions where they are relevant. Certainly the Government will continue to issue passports, but it's not a good idea to suggest that the Government will be the sole or even the main issuer of all-purpose credentials.

2. Revise the definition of "Identity Credential" to allow those NOT issued by governments. As-is: "(2) IDENTITY CREDENTIAL.—The term ‘‘identity credential’’ means a document or other evidence of the identity of an individual issued by a government agency that conveys the identity of the individual, including a driver’s license or passport."

3. Add language emphasizing Fed adoption/adaptation of existing "best practices" frameworks to achieve xALx-type functionality (vs. invention of "yet another framework.")

4. Add a plug for international interoperability as a desirable goal

5. Editorial: The use of the word "government" is inconsistent, sometimes appearing to refer just to the US Federal Government and sometimes to include State and local governments. Suggest making sure each reference is clear.

Martin

5 minsAction follow-ups, next meeting date, and adjournNext meeting 10/29




Actions:

  1.  Former user (Deleted)to attend LC to answer any questions regarding "HIAWG taking the position in favor of repeal 510, "o allow HHS to fund research on identity in healthcare."
  2. Cassie Leonard to invite Coalition members to send someone to participate in next HIAWG (10/29)Â