Digital identities: Making the patient the central point for data decisions

Making trustworthy digital identities for even just one sector of people’s lives, say, health care, is more complex than most — maybe everyone — can imagine, and yet the COVID-19 pandemic has arrived like a time’s-up warning.

A panel of people intent on solving digital identities in health care, batted the topic around in a webinar last week. No answers were forthcoming (not that any were expected), but the panel circled back a few times to an evolving definition of centralization for digital identity.

Personal health data is stored in fragments across the economy, making it impossible at times for anyone to get a complete picture of a patient. It is possible to imagine a technological way to securely link at least some of the fragments, but is not something that could happen in the immediate future.

Panelist Dr. Manreet Nijjar, an infectious diseases physician with the UK’s National Health Service, said centralized is a relative term.

Dr. Nijjar, who also is CEO and co-founder of TruU, a firm selling passwordless identity technology, said that the NHS is one organization and should have a universal view of patient data and a simple permissions procedure at least internally. But there are 270 hospitals in the NHS, and none of them trust each other when it comes to digital identity and sharing.

And while splintering is more often frustrating rather than fatal, data centralization sounds like the way to go for some people, even if that makes the data easier to find for cybercriminals.

What became clear in the webinar, hosted by custom-research firm Goode Intelligence, is that centralization itself is a term that can be debated. Should the government create a Fort Knox of digital identities? Should the private sector (Silicon Valley?) come up with a depository?

It has been a difficult question for a few years, and it has only gotten stickier over the last two months, said Dr. Nijjar.

Patients participating in a tele-health appointment cannot as easily determine if they are meeting with an actual health care professional. Nor can care givers easily know who they are visiting with.

Panelist and technology consultant Sally Eaves said centralization is preferred, and cited as a related model the work that Alphabet Inc. and Apple Inc. have done to create a COVID-19 contact-tracing API.

Assuming whatever organization doing the centralizing is scrupulously transparent, Eaves said, a consistent approach to sharing medical data would be possible. And coherent messaging could communicate exactly how data would and would not be used.

The answer is making the patient and their phone the central point, said Eaves. How it would be achieved is a larger question, but the panel found merit in it as a concept around which to build policy and strategies.

James Monaghan, a panelist and the vice president of product for Evernym Inc., said the “natural point of centralization” is around the patient. In this way, external systems are reacting to one digital identity rather than the other way around.

It is an answer with its own significant policy puzzles. Nijjar noted that in the case of COVID-19, the elderly and those low on the socio-economic scale might have trouble understanding the decisions they need to make.

Article Topics

biometrics  |  cybersecurity  |  data protection  |  data sharing  |  digital identity  |  Evernym  |  Goode Intelligence  |  healthcare  |  identity verification  |  patient identification  |  Truu