2020-05-26 Meeting notes

Owned by Noreen Whysel
Last updated: May 26, 2020
2 min read

Date

Attendees


Regrets

Goals

  • Get WG consensus on Vulnerable Population Use Case
  • Review High Assurance AZ Token

Discussion items

TimeItemWhoNotes
Vulnerable Population Use Case

Jim Kragh

1)  Last week our WG discussed the draft Vulnerable  Population use case,  a document submitted days earlier to ONC-CMS discussing the CURES Act on a panel hosted by CARIN Alliance.  Noreen provided edits and some questions for review today.

Noreen, Tom, Jeff and Jim approved submitting it directly to ONC-CMS later this week along with our Public Health Centers document but we need full WG approval. Bev, Mary and Sal to provide input.   
https://wiki.idesg.org/wiki/index.php/Public_Health_Centers

Approval: Still need Sal, Mary and Bev’s approval


High  Assurance AZ Token

Tom Jones

2) Next Monday, June 1st, HHS-ONC will be hosting an Identity and patient matching workshop that will address Vulnerable Populations. 

Tom sent to the group today the elevated interest alert regarding OpenID, 'identifiers' that also links to this VP community and “did” blockchain identifier, also of interest to OpenID.

Discussed FIRE WG Digital strategy and required funding.

Opportunities identified per Tom Jones

1. Track vulnerable populations for
  a) patient matching
       a.1) Lifesaving efforts within healthcare
       a.2) Medications and opioid tracking
   b) Improved tracking for aftercare
       b.1) reduce use of ER for chronic conditions
       b.2) improve patient outcomes.
 2. cell phone evolution - NIST is interested in how 5g will be advantaged for citizens
 3. Trust registry for certified app developers (required by ONC 5/1 pub)
 4. Rules for certifying app developers (questions the auditors ask)

All review the body of Tom’s message earlier today that referenced:  
https://wiki.idesg.org/wiki/index.php/High_Assurance_AZ_Token
I have variously called this an ID token and an AZ code. Not sure
which applies, but it is NOT a Bearer token. It is generated by a user's
portable device. Note that in health care, each RP can also be an IdP and
switches dynamically between the roles. There is a patient id (called a
record locator) which is common to the two roles. In other countries this
would be called a national health care ID.

The user agent which is also an IdP and runs on  a user's portable device and generates the above token:
https://wiki.idesg.org/wiki/index.php/Phone_as_Health_Care_Credential

Discussion:

Question: does FIRE WG wish to participate in OpenID initiative for self-issued ID?

Can Kantara take on the job of registering ID providers? No conclusion. CARIN Alliance doesn’t offer a way to enforce their own Code of Conduct.

It can only be possible to use your smart phone as an identifier if you can trust the application on it.

Tom may reach out to Anil Jahn at DHS, who funds solutions. He and someone DHS from MITRE were at IIW. He will also ask Sal. Jeff knows someone at FirstNet. NIST has an effort re 5G, May be distracted by that effort.


  •