S&I Framework. Trust Bundle SWG Background. Direct Scalable Trust Forum organized by ONC in November 2012 in Washington D.C to discuss “Scalable Trust” and wide spread adoption of Direct. Outcomes from the forum
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Trust Bundle SWG Background • Direct Scalable Trust Forum organized by ONC in November 2012 in Washington D.C to discuss “Scalable Trust” and wide spread adoption of Direct. • Outcomes from the forum • Start a WG to define/refine a package of requirements that will limit/avoid the need for HISP to HISP agreements • Start a WG to determine what has to be done “In the Meantime” • Standardize Trust Bundle distribution for Direct which can then be automated • Scope: • Distribute Direct Trust Bundles within and between Trust Communities. • Collaborate with Trust Communities to pilot the Implementation Guide. • Refine the Implementation Guide based on feedback from the pilots. • Out of Scope: • Trust Anchor management policies (Addition/Removal/Modification etc) within a Trust Bundle. • Business Processes and/or Governance of the Trust Community or any of the organizations participating in the Trust Community.
Trust Bundle SWG Timeline 4/30/2013 1/31/2013 12/31/2012 2/28/2013 3/31/2013 Trust Bundle SWG kickoff Finalize Technical Approach (Leverage work performed by ABBI, DirectTrust, WSC, NSTIC pilots etc.) Proof of Concept Develop Implementation Guide Implementation Guide Consensus Pilot Implementation Guide Refine Implementation Guide
Trust Bundle Distribution Context • Trust Community: Trust Communities are formed by organizations electing to follow a common set of policies and processes related to health information exchange. Examples of these policies are identity proofing policies, certificate management policies, HIPAA compliance processes etc. • Trust Community Profile: A Trust Community can create multiple sets of policies and processes and enforce these sets of policies on selected organizations who want to conform. For e.g A Trust Community can create a set of policies and processes which organizations have to conform to for regular treatment related use cases, a different set of policies and processes that organizations have to conform to for Behavioral Health related use cases and so on. These sets of policies and processes are called as Trust Community Profiles. The word “Profile” indicates a set of policies and processes. • Trust Bundle: Trust Bundle is a collection of Direct Trust Anchors within a Trust Community that conform to a Trust Community Profile. Trust Anchor’s of member organizations who have elected to conform to a Trust Community Profile are included in the Trust Bundle for that particular Trust Community Profile. Some examples of Trust Bundles conforming to different Trust Community Profiles are: • A Trust Bundle could have Trust Anchors that conform to NIST Level of Assurance 3 • A Trust Bundle could have Trust Anchors that are FBCA Cross-certified at Medium Level of Assurance.
Trust Bundle Distribution Context 1. Request Trust Bundle Trust Bundle Requestor Trust Bundle Publisher 2. Receive Trust Bundle • Trust Bundle Requestor: A Trust Bundle Requestor is an entity (person, software system, Direct STA etc) that requests a Trust Bundle from a Trust Bundle Publisher. • Trust Bundle Publisher: A Trust Bundle Publisher is an entity that publishes one ore more Trust Bundles for a Trust Community. • The focus of the implementation guide is to detail the technical standards, protocols and content that will be used to implement the two transactions identified in the above diagram • Requesting a Trust Bundle and • Receiving a Trust Bundle
Trust Bundle Distribution IG • http://wiki.directproject.org/file/view/Implementation%20Guide%20for%20Direct%20Project%20Trust%20Bundle%20Distribution_v0.7.docx/408482894/Implementation%20Guide%20for%20Direct%20Project%20Trust%20Bundle%20Distribution_v0.7.docx