2020-10-29 Meeting notes

Date

Attendees

Goals

  • Per distributed agenda

Discussion items

TimeItemWhoNotes
5 MinCall to order and roll callFormer user (Deleted)
  • Quorate
  • Recording!
5 MinApproval of draft minutes of Oct 15, 2020Former user (Deleted)
  • Approved
10 mins

Noteworthy news and member activities

https://foster.house.gov/sites/foster.house.gov/files/Digital%20Identity%20Act%20of%202020%20%28FOSTER_065_xml%29.pdf

Upcoming discussion with Jeremy Grant

Former user (Deleted) : Jim and I spoke along with Colin to the Leadership Council who approved our statement and our vote to be forwarded to the appropriate administration and Congressional leaders. See attachment also:

"The HIAWG supports the repeal of Section 510 in US Federal law, thus allowing the US Department of Health and Human Services (HHS) to fund research around Digital Identities in Healthcare"

Jim Kragh  Date for Interim Final Rule ONC on Interoperability and Info Blocking just pushed out to next April.  


Briefing to Kantara  now scheduled for Nov 11, 1PM Eastern. All 6 HIAWG attendees today are interested. 

Former user (Deleted) has a list from CHIME which he will review before sending after the new year. He will also add "Kantara" and some "color" to provide context for the recommendation.

5 mins

Further discussion of potential comments on the Foster bill in Congress on "Better Identity"? 

On 9/17/2020 4:34 PM, Tom Jones wrote:

Not sure if any group is planning to propose anything related to this bill, to Jeremy or anyone else, but here are my thoughts.
1. The HHS, CMS and ONC are not represented in spite of having the biggest ID issue in the government as of today. That MUST be remedied.
2. I really am not interested in private individuals engaged in a federal task for the government one way or the other, but would like to see a requirement that NIST include them in the framework that they create.

--

Martin replied:

Tom/all --

Agree with Tom's #1. Regarding #2, I agree that adding private-sector individuals is not the goal so much as leveraging existing frameworks, supporting a competitive environment for solutions (products and services), and aiming for a system that meets the requirements of a wide variety of use-cases (vs. Fed only.)

My additional recommended suggestions would be:

1. Re-frame the role of governments (at least the Fed Govt) to be a provider of authentication- and authorization-related attributes which are collected or created under the unique authorities of Government. There's plenty of work needed here to make sure access to these attributes is appropriately limited/secured and to make them efficiently available for ID proofing (authN attributes) or binding to an authentication identifier (AuthZ attributes) in any IAM transactions where they are relevant. Certainly the Government will continue to issue passports, but it's not a good idea to suggest that the Government will be the sole or even the main issuer of all-purpose credentials.

2. Revise the definition of "Identity Credential" to allow those NOT issued by governments. As-is: "(2) IDENTITY CREDENTIAL.—The term ‘‘identity credential’’ means a document or other evidence of the identity of an individual issued by a government agency that conveys the identity of the individual, including a driver’s license or passport."

3. Add language emphasizing Fed adoption/adaptation of existing "best practices" frameworks to achieve xALx-type functionality (vs. invention of "yet another framework.")

4. Add a plug for international interoperability as a desirable goal

5. Editorial: The use of the word "government" is inconsistent, sometimes appearing to refer just to the US Federal Government and sometimes to include State and local governments. Suggest making sure each reference is clear.


Discussion deferred pending clear plan for sending any further comments on the Foster Bill to someone. 

15 minsNew business:  Request for HIAWG comment on draft on mDL in Healthcare, submitted before today's meeting:  https://wiki.idesg.org/wiki/index.php/Mobile_Driver%27s_License_in_Healthcare#Full_Title

Tom Jones : another Kantara DG is looking for scenarios for use of a mobile driver's license. I propose to give them telemedicine as a scenario. I want feedback. I can send this as a contribution from HIAWG, or on my own, as you will.


Tom Jones reviews draft. Former user (Deleted) says it's OK to add HIAWG as validating the use-case described. Further discussion of "guardian" or "proxy" terminology, and variation of "proxy" relationships. Further discussion of the telemedicine use-case. Tom Jones invites further comments after additional review. 

Link to Pew Research Mobile Fact Sheet: https://www.pewresearch.org/internet/fact-sheet/mobile/

5 minsAction follow-ups, next meeting date, and adjournNext meeting : Nov 12 (need to discuss following meeting date on Thanksgiving Day.) 




Actions: 

  1. Former user (Deleted) to advise Colin of interest of  HIAWG participants in the J Grant briefing on Nov 11. 
  2. Former user (Deleted)  to add "color" to KI/HIAWG "Patient Identity" recommendation. 
  3. All invited to send Tom Jones additional comments on the mDL paper.Â