Digital identity federation proof-of-concept for health record access shows promise
The CARIN Alliance, a collaboration of healthcare and other stakeholders working to advance health information exchange, has released the results of its proof-of-concept (PoC) testing on digital identity federation.
The report was created in collaboration with the U.S. Department of Health & Human Services (HHS) and over 25 other public and private sector stakeholders to advance consumer-directed exchange across the United States.
This report summarizes the results and recommendations from a yearlong testing proof of concept to foster digital identity federation and API-based health information exchange. The suggestions aim to help create an interoperable and secure digital identity ecosystem. Once implemented, the PoC eliminates the extra step of establishing individual “portal” accounts for data holders.
“The PoC demonstrated it is possible for patients to be reliably identity-proofed remotely and access their medical records from all of the places where they’ve received care, using a single query,” says Deven McGraw, the lead for data stewardship and data sharing at Invitae and workgroup lead for the HIE use case.
The PoC also led to the CARIN Credential Policy, an open public good designed to create policy equivalence across different identity trust frameworks. This policy was developed in collaboration with DirectTrust and the Kantara Initiative, providing a standard approach that accreditation bodies can use.
Kantara Initiative Executive Director Kay Chopard says, “Kantara was pleased to participate in writing the Credential Policy since it highlights security requirements for different but interrelated digital identity standards and lays the groundwork to fully implement federated digital identity interoperability using a variety of solutions that maintain privacy and security for patient data.”
The HL7 (Health Level Seven) Identity standard was used to address the need for a standardized individual identifier, and the HHS XMS was used as a national identity broker service.
The CARIN Alliance says it is committed to making it simple for consumers and authorized caregivers alike to access, use, and share their digital health data as they wish. The organization says the CARIN Alliance wants consumers to benefit from personal healthcare data and experience better health outcomes.
“The CARIN Alliance is a shining example of the value that public/private collaborations can provide,” says Wes Turbeville, the SVP of federal and healthcare at ID.me and workgroup lead for the CSP standalone use case. “Soon patients will be able to securely access their health information across multiple providers using a single credential of their choice.”