2020-03-19 Minutes
Attendees
Voting Participants: Ken Dagg; Richard Wilsher; Mark Hapner; Martin Smith
Non-voting participants: James Jung
Non-participants: Barry Hieb, HIAWG.
Staff: Colin Wallis and Ruth Puente
Quorum: As of 2019-12-19, quorum is 3 of 5. There was quorum
Agenda
Administration:
- Roll Call
- Agenda Confirmation
- Minutes approval 2020-03-05 Draft Minutes
- Action Item Review: action item list
- Staff reports and updates - Keeping up with Kantara March 2020and February Director's Corner
- LC reports and updates
- Call for Tweet-worthy items to feed (@KantaraNews)
Discussion: Develop comments on - PCTF Verified Person, Privacy, and Glossary Draft Recommendations V1.0
Any Other Business
Minutes Approval
2020-03-05 Minutes were approved by motion. Mark moved and Martin seconded. Unanimous approval.
Updates
Ken provided highlights from Keeping up with Kantarians:
- Idemia joined Kantara and took a seat on the Board, represented by Matt Thompson
- A working group on mDL will be created, if you are interested to join please contact Colin. It was added that the charter is being drafted.
- Ruth pointed out that on Kantara Events page, it was added a note of possible impacts that the COVID-19 may have on the events depending on the hosting country.
- LC Updates - Ken shared the various updates of the WGs following the LC report: LC WG and DG Updates 20200319 1.pdf
Develop comments on PCTF Verified Person, Privacy, and Glossary
- Ken said that DIACC have released three new components of the Pan Canadian Trust Framework for review and comment available at PCTF Verified Person, Privacy, and Glossary Draft Recommendations V1.0. He added that the documents include:
- Person Component: this component defines a set of processes that will be used to establish that a natural person is real, unique, and identifiable.
- Privacy Component: this component will be used to ensure the ongoing integrity of the privacy processes, policies and controls of organizations in a Digital Identity Ecosystem.
- Glossary: this component provides definitions and examples for terms that appear across PCTF documentation in order to ensure that all stakeholders have a shared and consistent understanding of terms used in the context of the PCTF.
- Ken added that it's the first time that PCTF provides a Glossary of all the terms.
- In relation to the Privacy Component, Ken remarked that in essence it's derived from personal information privacy protection federal legislation including 10 principles. The document includes conformance criteria to assess an organization against the privacy rules.
- Mark commented that requirements for healthcare providers to allow people to access the records through mobile applications were recently published: https://www.natlawreview.com/article/hhs-publishes-new-health-data-interoperability-and-patient-access-rules
- It was said that the deadline to submit comments is April 10th.
- Ken proposed that IAWG prepare comments on these three documents and stressed that the primary benefit to Kantara of reviewing these three components of the PCTF is to give insight on how another Trust Framework is approaching these concepts with an eye to possibly enhancing Kantara’s IAF. Besides, he remarked that by providing comments to DIACC, Kantara will maintain both contact with DIACC and Kantara’s image as a player in the digital identification arena.
- After Ken's presentation of the documents, IAWG agreed to develop comments on this new set of PCTF documents.
63C SAC sub-group update and relationship with Healthcare industry
- Richard commented that the 63C sub-group that is developing FAL2 criteria is progressing well.
- The sub-group is discussing how to define the Federation Authority, how a Federation creates itself, who sets the rules.
- Richard pointed out that it has been a challenge in writing criteria as NIST requirements for vetting members of the federation is lightly written, so the participants wonder if Kantara should impose greater rigor and add additional requirements in relation to the source text. He also said that the group is considering how to introduce the concepts in the Healthcare system, what would define a federation for sharing credentials within the healthcare industry.
- Ken added that he will share these challenges with HIAWG as it impacts both WGs.