Consumer Authentication for Networked Personal Health Information
Redwood Health Information Collaborative
March 18, 2008
Josh Lemieux, Director, Personal Health Technology Initiative, Markle Health Program
Common Framework for Networked Personal Health Information

Objectives
• The overall purpose:
  • To help open up private and secure data flows between health data sources and consumer-accessible applications (networked PHRs).
  • We call these “Consumer Data Streams” — the chain of handoffs of copies of personal health information destined for the consumer’s application.
• The focus is on policies:
  • Authentication: Trust across entities for ID proofing, online tokens, ongoing monitoring, and auditing.
  • Access: Broader focus on privacy, consent, data collection and use, transparency, enforcement, etc., across entities participating in Consumer Data Streams.

Many Simultaneous Activities
Public and private PHR efforts:
• AHIP/BCBS
• Dossia
• Intuit
• Revolution
• WebMD
• Google
• Microsoft
• VA/CMS
• Large IDNs
• Many smaller players
Authentication efforts:
• EAP/EAF
• AHIC
• HITSP
• Liberty Alliance
• VeriSign
• Private vendors
Access policy efforts:
• Employers
• AHIC
• HITSP
• HISPC
• National Governors Ass’n
• Congress, etc.

Consumer Authentication Overview
• Working Group set out to find a set of authentication methods and policies that would bring networked PHRs closer to reality.
• Two big barriers:
  • Proofing: We could not find Metric “X” for proofing accuracy.
  • Business issues (i.e., competition, lack of business value, and fear of liability) may discourage data holders from accepting even well-executed proofing and authentication from remote parties.

Consumer Authentication Recommendations
Part 1: Proofing
• 1A: In-person proofing is a reasonable — although imperfect and poorly measured — default when there is no prior relationship with the consumer. But it’s not always feasible.
• 1B: Consider ‘bootstrapping’ in-person encounters with other sectors (financial institutions, post offices, retail pharmacies, notaries public, etc.).

Consumer Authentication Recommendations
Part 1: Proofing
• 1C: Consider Remote Proofing:
  a. Rely on combinations of at least two alternative methods or sources for validating identity that use separate data (i.e., don't use two different sources relying on Social Security Number or the same account number).
  b. Are optimized to minimize the rate of false positives (i.e., when the wrong person is granted access based on an identity not his own).
  Provide an alternative identity-proofing protocol to mitigate false negatives (i.e., when the right person using his correct identity is denied access nonetheless).
  Take precautions to minimize risk to the consumer.

Consumer Authentication Recommendations
Part 1: Proofing (continued)
• 1D: Begin Federal research on identity proofing quality. Federal studies to create proofing accuracy benchmarks.
• 1E: Do not use clinical information as validation data in an authentication process.

Consumer Authentication Recommendations
Part 2 & 3: Tokens and Monitoring
• 2A-2E: Follow Industry Practice in Binding, Use, and Re-use of Tokens
• 3A: Ongoing monitoring: Proofing is a process, not an event. Every authentication offers a chance at re-verification.
• 3B: Enable consumers to view audit trail: Consumers can help detect fraud when they have access to transaction history.

Consumer Authentication Recommendations
Part 4: Auditing and Enforcement
• 4A: Ensure that third parties are “observable” in how and how well they are performing identity proofing, token-issuing and ongoing monitoring or any related services to authenticate consumers.
• 4B: Ensure a mechanism for enforcement and redress for bad actions.
• 4C: Consider federation and/or other contractual means to address Recommendations 4A and 4B.

Conclusion: A Path Forward
• Our next area of work is to establish policy rules and techniques that establish trust among participants, including consumers, over a “network of networks.”
• New trends — new threats, new business relationships, emerging technologies, and consumer awareness and behavior — all warrant close monitoring and all reinforce the idea that the path forward on consumer authentication requires careful thinking, new research, and innovative approaches.