1 / 6

Privacy and Security Workgroup

Privacy and Security Workgroup. NSTIC Approach November 2 , 2012. January 1, 2016. The Identity Ecosystem: Individuals can choose among multiple identity providers and digital credentials for convenient, secure, and privacy-enhancing transactions anywhere, anytime. .

brad
Download Presentation

Privacy and Security Workgroup

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Privacy and Security Workgroup NSTIC Approach November 2, 2012

  2. January 1, 2016 The Identity Ecosystem: Individuals can choose among multiple identity providers and digital credentials for convenient, secure, and privacy-enhancing transactions anywhere, anytime. Secure, online patient access to health information Streamlinedprovideraccess to multiple systems Privacy-enhancing Secure Interoperable Cost-effectiveand easy to use Ability to include identity attributes will enhance privacy Improved care through secure exchange of electronic medical records

  3. Today – Patients and providers need multiple credentials OpenID/LOA1

  4. Implementing 3rd Party Credentials Implementing 3rd Party Credentials adds complexities for EHR vendors Open ID/LOA1 OpenID/LOA1 PKI SAML/LOA3 SAML/LOA3 OpenID/LOA1 OpenID/LOA1

  5. Middle Layer Authentication Service • Cloud based • Service authenticates users • Patients and providers can re-use credentials across multiple Health IT services • Translate between different protocols (open ID, PKI, SAML, etc.) • Passes verification of authentication to EHR

  6. EHR Certification Criteria EHR Certification Criteria for Two-factor Authentication Authentication takes place in E H R system Provider EHR Provider EHR Third-Party Service Authentication takes place via third-party service

More Related