[Openid-specs-heart] Draft HEART meeting notes 2015-06-22

Mon Jun 22 21:36:03 UTC 2015

Adrian Gropper

Debbie Bucci

Sarah Squire

Eve Maler

Tom Sullivan

William Kinsley

Nagesh Bashyam

Edmund Jay

Greg K

Justin Richer

Ishmal Bartley

Obi Ogbanufe

Salvatore D’Agostino

Thompson Boyd

HEART Use Case: Alice Enrolls with PCP

Clarify Assumptions

We should document preconditions. We are okay with this version of Alice
being tech-savvy. We will have multiple use cases which may have other
versions of Alice who could be offline.

Terminology

Is “known to the practice” an important term of art in the healthcare
space? Do we want to use the term provider rather than PCP? No, provider is
a term that already means something different in the technology layer.

Document Core Content and Peripheral Content

We went through the current version of the document and annotated some
parts as core and some parts as peripheral. We made it to section 3a.

Identity Proofing

The fact that her PHR did some identity proofing is core, but how that
proofing was done is peripheral.

Is it in scope for this project to be able to communicate levels of
identity proofing? Yes, to prevent identity theft.

Aren’t the EHR and PHR doing their own identity proofing, so they don’t
need to communicate that as long as Alice has granted access? Yes.

The ability to express identity proofing and how it was done is in scope
for the project.

Insurance

Insurance APIs and methods of payment could be covered in another use case,
and may already be covered in the virtual clipboard use case.

We may also want to include a step in which Alice’s insurance and/or
driver’s license is verified to make sure it is valid.

We may also want to include a step in which Alice agrees to pay in the case
where her insurance does not pay.

Goals of the Use Case

Demonstration of how are the protocols being used

Demonstration of the flow, and what it looks like

Demonstration of what is in scope for credentialing and authorization
between two different systems with their own ASs and PRs and levels of
trust and proofing

Demonstration of Alice granting limited access to her protected resources

Lines and Boxes

Can we discuss lines and boxes next week? Yes.

We need a sequence diagram.

Debbie will try to put it together, send it to Eve for review, and then
send it to the list. Eve suggests using websequencediagrams.com
<https://www.websequencediagrams.com/>

Bill and Adrian are also willing to help.

Sarah Squire
Engage Identity
http://engageidentity.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150622/89b57d99/attachment.html>