Presentation is loading. Please wait.

Presentation is loading. Please wait.

Framing Identity Management Recommendations Transport & Security Standards Workgroup November 19, 2014.

Published byScarlett Hutchinson Modified over 8 years ago

Similar presentations

Presentation on theme: "Framing Identity Management Recommendations Transport & Security Standards Workgroup November 19, 2014."— Presentation transcript:

1 Framing Identity Management Recommendations Transport & Security Standards Workgroup November 19, 2014

2 November 19, 2014 Agenda 1 3:00 p.m.Call to Order/Roll Call — Michelle Consolazio, Office of the National Coordinator Meeting Objective: Identity Management (IDM) Recommendations 3:05 p.m.Frame IDM Recommendations & Recap of Relevant TSSWG Presentations — Dixie Baker, Chair — Lisa Gallagher, Co-Chair 3:45 p.m.Good Recommendations — Dixie Baker, Chair — Lisa Gallagher, Co-Chair 3:55 p.m.Recommendations for Discussion 4:20 p.m.Discussion of Next Steps 4:25 p.m.Public Comment 4:30 p.m.Adjourn

3 FRAMING IDM RECOMMENDATIONS Dixie Baker, Chair and Lisa Gallagher, Co-Chair Office of the National Coordinator for Health Information Technology 2

4 Frame IDM Recommendations HIT Policy Committee (HITPC) Privacy and Security Tiger Team (PSTT) Recommendations for Provider Authentication (Sept 2012) Move toward multifactor authentication (NIST level of assurance (LOA) 3) for remote access of protected health information (PHI) Continue to identity proof providers in compliance with HIPAA Continue to be informed by the National Strategy for Trusted Identities in Cyberspace (NSTIC) initiative Office of the National Coordinator for Health Information Technology 3

5 Frame IDM Recommendations HITPC Privacy and Security Tiger Team (PSTT) Recommendations for Patient/Consumer (2013) Define best practices for patient/consumer identity proofing and authentication for accessing patient portals Define best practices for enabling view, download, and transmit functions initiated by either he patient or his/her representative Engage with NSTIC initiative to help align direction in consumer identity-proofing, authentication, and the use of third-party credentials with the needs of the healthcare industry Office of the National Coordinator for Health Information Technology 4

6 Recap of Relevant TSSWG Presentations OpenID Connect (authentication) OAuth 2.0 (authorization) – Related profiles: BB+ and User Managed Access Trustmarks NIST IDM work Office of the National Coordinator for Health Information Technology 5

7 Good Recommendations Recommends an ONC action Offers guidance on what is needed, for example: – Regulation/Certification? – FAQ/Guidance? – Pilots? – Coordination? (with federal partners, industry, etc.) – Others? Align with the draft interoperability roadmap (10/15 joint meeting) Office of the National Coordinator for Health Information Technology 6

8 Recommendations for Discussion Multifactor authentication for access to protected health information (PHI) Support NIST effort to revamp NIST Special Publication 800-63 – Closely follow move from LOA to componentized trust – Recommend appropriate identity-proofing for query-based access Consider Data Segmentation for Privacy (DS4P) for authorizing access to behavioral data (later on work plan) Track development and piloting of User Managed Access (UMA) profile of OAuth 2.0 as potential standard for consumer consent Office of the National Coordinator for Health Information Technology 7 WH Executive Order (multifactor authentication): http://www.whitehouse.gov/the-press-office/2014/10/17/executive-order-improving-security- consumer-financial-transactionshttp://www.whitehouse.gov/the-press-office/2014/10/17/executive-order-improving-security- consumer-financial-transactions

Download ppt "Framing Identity Management Recommendations Transport & Security Standards Workgroup November 19, 2014."

Similar presentations

HIT Standards Committee Privacy and Security Workgroup Recommendations for Electronic Health Record (EHR) Query of Provider Directories Dixie Baker, Chair.

HIT Standards Committee Privacy and Security Workgroup Recommendations for Electronic Health Record (EHR) Query of Provider Directories Dixie Baker, Chair.
Blue Button + and OAuth 2.0 Transport & Security Standards Workgroup October 8, 2014.

Blue Button + and OAuth 2.0 Transport & Security Standards Workgroup October 8, 2014.
Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March 11, 2015.

Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March 11, 2015.
1 Jan 2013 © 2002-2013 Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered.

1 Jan 2013 © Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered.
Kick-Off Meeting Semantic Standards James Ferguson, co-chair Rebecca Kush, co-chair December 1, 2014.

Kick-Off Meeting Semantic Standards James Ferguson, co-chair Rebecca Kush, co-chair December 1, 2014.
Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.

Health IT Privacy and Security Policy Jodi Daniel, J.D., M.P.H. Director, Office of Policy and Research, Office of the National Coordinator for Health.
Report to HITSC: Virtual Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Hearing held on March 12, 2014 Sponsored by the.

Report to HITSC: Virtual Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Hearing held on March 12, 2014 Sponsored by the.
Interoperability Roadmap Comments Package Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair February 24, 2015.

Interoperability Roadmap Comments Package Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair February 24, 2015.
Cross Sector Digital Identity Initiative March 12, 2014 Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Cross Sector Digital.

Cross Sector Digital Identity Initiative March 12, 2014 Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Cross Sector Digital.
1 Privacy and Security Tiger Team Meeting Discussion Materials Topics Patient Authentication Hearing Questions for RFC on Meaningful Use Stage 3 October.

1 Privacy and Security Tiger Team Meeting Discussion Materials Topics Patient Authentication Hearing Questions for RFC on Meaningful Use Stage 3 October.
Privacy and Security Workgroup October 14, 2014 Deven McGraw, chair Stan Crosley, co-chair.

Privacy and Security Workgroup October 14, 2014 Deven McGraw, chair Stan Crosley, co-chair.
Notice of Proposed Rulemaking (NPRM) Comments Privacy and Security Workgroup Deven McGraw, chair Stan Crosley, co-chair April 27, 2015.

Notice of Proposed Rulemaking (NPRM) Comments Privacy and Security Workgroup Deven McGraw, chair Stan Crosley, co-chair April 27, 2015.
Certification NPRM Comments Package Transport and Security Standards Workgroup Dixie Baker, Chair Lisa Gallagher, Co-Chair May 20, 2015.

Certification NPRM Comments Package Transport and Security Standards Workgroup Dixie Baker, Chair Lisa Gallagher, Co-Chair May 20, 2015.
Interoperability Roadmap Comments Package Transport and Security Standards Workgroup Dixie Baker, Chair Lisa Gallagher, Co-Chair April 22, 2015.

Interoperability Roadmap Comments Package Transport and Security Standards Workgroup Dixie Baker, Chair Lisa Gallagher, Co-Chair April 22, 2015.
Update on Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.

Update on Interoperability Roadmap Comments Sections E, F, and G Transport & Security Standards Workgroup Dixie Baker, chair Lisa Gallagher, co-chair March.
HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.

HITSP – enabling healthcare interoperability 1 enabling healthcare interoperability 1 Standards Harmonization HITSP’s efforts to address HIT-related provisions.
A Presentation on ONC’s Electronic Consent Management (ECM) Landscape Assessment Joint Meeting of the HITSC TSSWG with the HITSC ASA WG, HITPC PSWG, Interoperability.

A Presentation on ONC’s Electronic Consent Management (ECM) Landscape Assessment Joint Meeting of the HITSC TSSWG with the HITSC ASA WG, HITPC PSWG, Interoperability.
Finalize RESTful Application Programming Interface (API) Security Recommendations Transport & Security Standards Workgroup January 28, 2014.

Finalize RESTful Application Programming Interface (API) Security Recommendations Transport & Security Standards Workgroup January 28, 2014.
User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.

User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.
Connecting Health and Care for the Nation: A Shared Nationwide Interoperability Roadmap – DRAFT Version 1.0 Joint FACA Meeting Chartese February 10, 2015.

Connecting Health and Care for the Nation: A Shared Nationwide Interoperability Roadmap – DRAFT Version 1.0 Joint FACA Meeting Chartese February 10, 2015.

Similar presentations

Ads by Google