2019-08-06 Meeting Notes

2019-08-06

Date and Time

  • Tuesdays 12 Noon Eastern
    • Screenshare and dial-in: 
    • See FIRE calendar for additional details: 

Agenda

  • Roll call
  • Approve minutes of telecon xx-yy-zzzz
  • AOB

Minutes

Roll call

Approve minutes

Attendees

As of 06 Aug 2019, quorum is 3 of 4 Voting participants. (Sal, Bev, Noreen, Mary)

  1. Sal D’Agostino 

  2. Jim Kragh 

  3. Noreen Whysel

  4. Tom Jones

  5. Mary Hodder

Non-voting participants:

  • Colin Wallis (staff)

Regrets:

August 6, 2019

Attending:

Agenda from Jim’s Email

With a flip of Sal's switch your call-in information will be activated:

Please join this meeting from your computer, tablet or smartphone. 

https://global.gotomeeting.com/join/469687261 

You can also dial in using your phone. 

United States: +1 (872) 240-3412 

Access Code: 469-687-261   

New to GoToMeeting? Get the app now and be ready when your first meeting starts: 

https://global.gotomeeting.com/install/469687261    

DARIE comes to life  Distributed Attributes for a Resilient Identity Ecosystem 


Agenda:

 1) We were off last week but Colin was most thoughtful in sending us the following message to Mary, Sal, Jeff and me:

Just to let you know in advance of your call that Staff have some final edits on the Wiki pages but to give you a flavor of it, here it is.

https://kantara.atlassian.net/wiki/display/WT/

GTM2's call credentials can be found in the LC wiki (understandably) restricted access area.   In terms of things to do.. you folks signing the GPA would help things along greatly. (This is a personal request from Colin so please RSVP, if inclined, so they can wrap up their admin chores - thanks, jk)

https://kantarainitiative.org/gpa-signup/?selectedGroup=43  

Cheers    Colin                

---------------------------------------------------------------------------------

As noted on the Wiki page, we should have a formal election of responsible positions/chairs and secretary but I would like to be a little more granular as reflected  in our draft charter, i.e. functional roles for each person which makes the Agile Team unique in its formation ----- let’s discuss; all positions are open: the term is through December 31, 2020

Chair: Jim Kragh

Vice-chair: Mary Hodder

Secretary: Jeff Brennan

Research Editor: Noreen Whysel

API Editor: Tom Jones

IDESG - FIRE WG Liaison: Sal D'Agostino; Director on the EFB 

External Technical Committee Liaison: Bev Corwin

---------------------------------------------------------------------------------

Regarding the Educational Foundation Board,  please read the following message from Colin July 24th It's great to have the charter approved by the LC so that the FIRE WG can form.  In fact the LC was using the same GTM line that the C3 Board was holding its Board call on, so we just managed to squeeze in all business before the LC call started.

Section 4 (Corporate Governance) of the MOU between IDESG and Kantara signed by the parties in June 2018, stipulates the Board seat for an at large Director representing IDESG once a WG was formed, so that matter requires no further discussion as it is a given.

Sal, you will be joining a Board that already has 4 members - Robin and Allan, as well as (pretty much from the outset last year) Angela Rey and (approved at the last meeting), Kay Chopard Cohen - both DC based. There is an account at the United bank in DC, and we have a DC based accountant with deep experience in non profits managing that (not that there is so much activity currently) while we await the non-profit determination from the IRS. In the fullness of time, an expanded Board will allow some of the originals to rotate off since the creation of the separate entity to enable the transition of the IDESG assets only became apparent late in the transition process, adding time commitments those folks had not really planned for.                              Kind regards, Colin

-----------------------------------------------------------------------------------------------------

2)  From Tom's sandbox comes https://wiki.idesg.org/wiki/index.php/Phone_as_Health_Care_Credential#Solution,  a set of requirements to build a test sand box to meet the health care requirements; note the uniqueness of the header - please read before our meeting so you can ask questions and provide creative insight  (thanks Tom for sending the document out).

Meeting Minutes:

Administrative:

  • Anyone who has signed GPA can update or change your status by filling it out again. We should enter Voting as this applies just to the FIRE group.
  • Mary moves to vote on appointing Sal D’Agostino as FIRE representative to board, Tom seconded. Result: unanimous yes. All must sign the GPA to make it official.


Phone as Health Care Credential use case
https://wiki.idesg.org/wiki/index.php/Phone_as_Health_Care_Credential#Solution

  • TEFCA: looked at patient credential and decided smart phone would be basis
  • Pew Org retained by HHS, in collaboration with RAND
    • 800.63.3 and level AAL2 selected
  • Tom’s Trusted Healthcare Ecosystem, Patient focused
    • Key off RAND report
    • Four points for discussion
    • What should be in sandbox
      • Parts of registry and how supported in phone
      • Case allows patient to enter emergency contact information
    • How to make the phone a healthcare credential
      • Take an existing process (identity proofing) and import from doctors office and use it to create a credential on smartphone
      • Trust registry: 
        • Makes sure user knows which entity to trust
        • Assure covered entities that native app patient is using supports TEFCA requirement
      • Important to convey: Credential service provider is not an authenticator. The patient’s smart phone is the authenticator.


Discussion:

Mary: good model, easy for users, most US citizens have smart phones. Concern is having SIM card hijacked and losing control of accounts and data. Does the user need to use a password?

Tom: May not be standardized to that level of detail. (see Tom’s Trust Registry diagram)

Credential goes into phones TEE. Phone is verified and can be disabled remotely.
To recover identity need to go back to identity proofing and authentication on phone.

Phone Credential migration: Tom needs to add this. It assumes you have your smart phone and can migrate it.

Tom posted a number of references on the Trustworthy Healthcare Ecosystem wiki page.

https://wiki.idesg.org/wiki/index.php/Trustworthy_Healthcare_Ecosystem 

Next Steps:

  • Jim will reach out to Debbie Bucci to listen in to an upcoming meeting.
  • Tom would also like to get Amy from Digital.gov on the call as well. She runs Blue Button out of White House (on loan from HHS).