2020-07-23 Meeting notes

Date

Attendees

Goals

  • Per Agenda 

Discussion items

TimeItemWhoNotes
5 MinCall to order and roll callFormer user (Deleted)
  • Quorate
  • Recording!
5 MinApproval of draft minutes of July 9, 2020Former user (Deleted)
  • Approved
10 mins

Noteworthy news and member activities, i.e. update from Colin on collaboration with other Kantara WGs and related non-Kantara initiatives; update from Barry on proposal for the Robert Wood Johnson Foundation (RWJ) National Health Identifier. 


@colin – UMA Webinar last Tuesday. Well attended. Also, ONC SME work, with CS. Very active, diverse views. 

Former user (Deleted) 1. Article on 22nd: "true interop may required national patient ID."  2. RWJ did not accept proposal. Jim Kragh Can we get judges comments for lessons-learned? Former user (Deleted) Will check.

15 mins

Continuation and progress on plans to use ID Proofing and Authentication moving toward "Authorization" Levels of Assurance, e.g. What level of authorization assurance does a relying party require to access or act upon health data in its variable levels of sensitivity?

Also: comments on her draft report on NIST, Mitre and HHS proofing evidence standards.

Former user (Deleted)

Jim Kragh – FIRE WG going for a grant in this area with ONC or other. 

Former user (Deleted) --Discuss new paper (TK) on AuthN vs AuthZ. NIST doesn't have standard for AuthZ Assurance. Reviews authZ-type frameworks that might be applied to healthcare patient authZ. 

10 minsCall for suggested KI comments to NIST on 800-63-4 (NIST deadline Aug 10) Any suggested comments from HIAWG ?Martin Smith (Unlicensed)Not discussed, (Deadline approaching!)
5 mins

New/other business:

From Tom J: We tentatively approved (3 of 6 is not quorum) work on a specification for a Mobile Assurance Statement. This is to replace the reference to a "Software Statement" that is currently in the Distributed Assurance Specification. Feedback is appreciated. Vote at the next meeting.
https://kantarainitiative.org/confluence/display/WT/Draft+Recommendations?preview=/115803040/132513794/Mobile%20Assurance%20Specification%201_0_0%20draft%20200721.docx

The Open ID foundation is working to build a consensus with the Distributed Identity Foundation on a speclet/profile for a Self Issued Identifier. I am the editor for that effort which can be viewed here: (Comments on that to me or to the github repo.)
https://github.com/KantaraInitiative/DistributedAssurance/blob/master/OpenID%20Self%20Issued%20Identifier.md  


Not discussed (but referred to in discussion of other agenda items. )
5 minsAction followups, next meeting date, and adjourn
  • Aug 6 next HIAWG

Action items

  • Former user (Deleted)to post new AuthN/AuthZ draft on HIAWG Page File List. ALL to provide comments there.
  • Former user (Deleted) requests time next meeting to discuss his solution.
  • Jim Kragh requests time next meeting to discuss building an initial authorization framework.
  • Martin Smith (Unlicensed) reminds ALL to provide suggested comments (to Ken Dagg and/or the HIAWG List) for KI submission to NIST for revision of 800-63-3 Â