<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">It’s just not reasonable. Do you really think we should require every single person to run a separate instance of an authorization server for the world to work? It’s not going to happen, nor should it have to in order to have privacy and security. <div class=""><br class=""></div><div class="">And even then, the data isn’t encrypted to AS’s key. If it were, then the user’s client application couldn’t read it. Remember, it’s the client that’s fetching the record for the user, not the AS. </div><div class=""><br class=""></div><div class=""> — Justin</div><div class=""><br class=""><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Jan 25, 2016, at 10:02 AM, Adrian Gropper <<a href="mailto:agropper@healthurl.com" class="">agropper@healthurl.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta http-equiv="Content-Type" content="text/html; charset=utf-8" class=""><div dir="ltr" class="">Why "most likely not"? Is it a security issue? a cost issue? We don't have to compromise privacy for security in our connected world.<br class=""></div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Mon, Jan 25, 2016 at 9:55 AM, Justin Richer <span dir="ltr" class=""><<a href="mailto:jricher@mit.edu" target="_blank" class="">jricher@mit.edu</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000" class="">
    But it's not like that, the arity is very different. <br class="">
    <br class="">
    Every record is associated with an AS, perhaps a separate AS for
    each record/patient but most likely not.<br class="">
    <br class="">
    Every AS is associated with a jwks_uri, but only one per AS. <br class=""><span class="HOEnZb"><font color="#888888" class="">
    <br class="">
     -- Justin</font></span><div class=""><div class="h5"><br class="">
    <br class="">
    <div class="">On 1/25/2016 9:02 AM, Adrian Gropper
      wrote:<br class="">
    </div>
    <blockquote type="cite" class="">
      
      <div dir="ltr" class="">It means that every patient record is associated
        with a separate jwks_uri for that patient's AS.<br class="">
      </div>
      <div class="gmail_extra"><br class="">
        <div class="gmail_quote">On Mon, Jan 25, 2016 at 8:59 AM, Justin
          Richer <span dir="ltr" class=""><<a href="mailto:jricher@mit.edu" target="_blank" class="">jricher@mit.edu</a>></span>
          wrote:<br class="">
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div bgcolor="#FFFFFF" text="#000000" class=""> Yes you did. Quote:<span class=""><br class="">
                <br class="">
                "The system is also much more resistant to data breaches
                as data holders (UMA Resource Servers) must implement
                separate <b class="">encryption keys </b>for each patient."<br class="">
                <br class="">
              </span> So if you don't mean separately encrypting the
              data for each user, what does that statement mean? The
              access token isn't an encryption key. <br class="">
              <span class=""><font color="#888888" class=""> <br class="">
                   -- Justin</font></span>
              <div class="">
                <div class=""><br class="">
                  <br class="">
                  <div class="">On 1/25/2016 8:57 AM, Adrian Gropper wrote:<br class="">
                  </div>
                  <blockquote type="cite" class="">
                    <div dir="ltr" class="">
                      <div class="">I never said anything about how the data is
                        encrypted. I only talk about how access to the
                        FHIR API is controlled.<br class="">
                        <br class="">
                      </div>
                      Adrian<br class="">
                    </div>
                    <div class="gmail_extra"><br class="">
                      <div class="gmail_quote">On Mon, Jan 25, 2016 at
                        8:55 AM, Justin Richer <span dir="ltr" class=""><<a href="mailto:jricher@mit.edu" target="_blank" class=""></a><a href="mailto:jricher@mit.edu" target="_blank" class="">jricher@mit.edu</a>></span>
                        wrote:<br class="">
                        <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                          <div bgcolor="#FFFFFF" text="#000000" class=""> Adrian,<br class="">
                            <br class="">
                            I've asked this before and thought we'd
                            settled it, but it keeps coming up: where
                            are you getting the idea of encrypting the
                            data to the patient using a patient's key?
                            That is not in scope for HEART, nor is it
                            part of any of the underlying protocols.<span class=""><font color="#888888" class=""><br class="">
                                <br class="">
                                 -- Justin</font></span>
                            <div class="">
                              <div class=""><br class="">
                                <br class="">
                                <div class="">On 1/25/2016 8:52 AM, Adrian
                                  Gropper wrote:<br class="">
                                </div>
                                <blockquote type="cite" class="">
                                  <div dir="ltr" class="">
                                    <div class="">
                                      <div class="">
                                        <div class="">Establishing a separate URI
                                          for each patient is likely to
                                          be the only stable solution to
                                          the patient ID problem. The
                                          issue, however, is how many
                                          URIs will a patient be allowed
                                          to have? If the URIs are
                                          coercive, in the sense of a
                                          chip or tattoo issued by
                                          government or an equivalent
                                          global authority (Facebook?)
                                          or the URI is derived from DNA
                                          or an iris scan. (Iris scans
                                          are a good positive IDs and
                                          can be read from 30 feet away
                                          with modern technology.)<br class="">
                                          <br class="">
                                        </div>
                                        Let's assume, for our purposes,
                                        that an iris scanner costs about
                                        as much as a credit card
                                        terminal, cheap enough for every
                                        front office, ambulance, and
                                        police car. Is the patient ID
                                        problem solved? I don't think
                                        so.<br class="">
                                        <br class="">
                                      </div>
                                      Patients can have one or more
                                      separate URIs in order to help
                                      manage their health records.
                                      Today, we typically use email
                                      address for this purpose, with
                                      WebFinger <a href="https://webfinger.net/" target="_blank" class=""></a><a href="https://webfinger.net/" target="_blank" class="">https://webfinger.net/</a>
                                      as a standardized way to discover
                                      linked attributes such as the
                                      patient's UMA Authorization Server
                                      and the associated public key. <br class="">
                                      <br class="">
                                      UMA for patient ID brings numerous
                                      benefits including much greater
                                      transparency and security. The
                                      patient now has a single portal
                                      (their UMA AS) to view all current
                                      relationships under that
                                      particular patient ID persona. The
                                      system is also much more resistant
                                      to data breaches as data holders
                                      (UMA Resource Servers) must
                                      implement separate encryption keys
                                      for each patient.<br class="">
                                      <br class="">
                                    </div>
                                    <div class="">I think the HEART group is in a
                                      good position to compete for the
                                      CHIME challenge on this basis and
                                      I'd be happy for me and PPR to
                                      help organize a submission.<br class="">
                                      <br class="">
                                    </div>
                                    <div class="">Adrian<br class="">
                                    </div>
                                  </div>
                                  <div class="gmail_extra"><br class="">
                                    <div class="gmail_quote">On Sun, Jan
                                      24, 2016 at 1:20 PM, Aaron Seib <span dir="ltr" class=""><<a href="mailto:aaron.seib@nate-trust.org" target="_blank" class=""></a><a href="mailto:aaron.seib@nate-trust.org" target="_blank" class="">aaron.seib@nate-trust.org</a>></span>
                                      wrote:<br class="">
                                      <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                        <div class="">
                                          <div class="">I appreciate your
                                            expertise and action.  </div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">I don't necessarily agree
                                            with some of your statements
                                            here but that is the beauty
                                            of open processes.  </div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class="">Let's strive to do all we
                                            can - together.</div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class=""><br class="">
                                          </div>
                                          <div class=""><span style="font-size:15.4224px" class="">Aaron

                                              Seib</span>
                                            <div class=""><span style="font-size:17.489px" class="">@CaptBlueButton<br class="">
                                              </span>
                                              <div dir="auto" class=""><span style="font-size:15.4224px" dir="auto" class="">(O) <a href="tel:301-540-9549" value="+13015409549" target="_blank" class="">301-540-9549</a></span></div>
                                              <div dir="auto" class=""><span style="font-size:15.4224px" dir="auto" class="">(M) <a href="tel:301-326-6843" value="+13013266843" target="_blank" class="">301-326-6843</a></span></div>
                                              <div dir="auto" class=""><span style="font-size:15.4224px" dir="auto" class=""><br class="">
                                                </span></div>
                                              <div dir="auto" class=""><span style="font-size:15.4224px" dir="auto" class="">"The trick
                                                  to earning trust is to
                                                  avoid all tricks. 
                                                  Including tricks on
                                                  yourself."</span></div>
                                              <div dir="auto" class=""><br class="">
                                              </div>
                                            </div>
                                          </div>
                                          <div class="">
                                            <div class=""><br class="">
                                              <br class="">
                                              -------- Original message
                                              --------<br class="">
                                              From: "Glen Marshall
                                              [SRS]" <<a href="mailto:gfm@securityrs.com" target="_blank" class=""></a><a href="mailto:gfm@securityrs.com" target="_blank" class="">gfm@securityrs.com</a>>


                                              <br class="">
                                              Date: 2016/01/24 7:07 AM
                                              (GMT-08:00) <br class="">
                                              To: HEART List <<a href="mailto:openid-specs-heart@lists.openid.net" target="_blank" class=""></a><a href="mailto:openid-specs-heart@lists.openid.net" target="_blank" class="">openid-specs-heart@lists.openid.net</a>>


                                              <br class="">
                                              Subject:
                                              [Openid-specs-heart] CHIME
                                              Launches $1M Challenge to
                                              Solve Patient ID Problem <br class="">
                                              <br class="">
                                              This is pertinent to our
                                              data-sharing use cases. 
                                              There is no current
                                              solution to accurately
                                              sharing/gathering
                                              patients' clinical data
                                              stored among various
                                              repositories.  In turn,
                                              that makes applying access
                                              controls across all of a
                                              patient's data in those
                                              repositories difficult.  
                                              I'm happy to see Chime's
                                              challenge.<br class="">
                                              <br class="">
                                              However, the related
                                              problem of discovering
                                              where all of one's data
                                              might be is
                                              computationally
                                              intractable.  It is
                                              equally intractable to
                                              gather and combine all
                                              access permissions and
                                              regulatory restrictions on
                                              patients' data, even if
                                              there were a useful means
                                              to do so.  (Both are
                                              equivalent to the <a href="https://en.wikipedia.org/wiki/Halting_problem" target="_blank" class="">halting
                                                problem</a>.)<br class="">
                                              <br class="">
                                              Having a single "source of
                                              truth" repository is one
                                              direction for a solution,
                                              as is having a single
                                              access permissions
                                              source.  Keeping them
                                              updated with new data and
                                              permissions is possible,
                                              even if difficult in the
                                              short run.<br class="">
                                              <br class="">
                                              However, establishing
                                              unique URIs for each
                                              patient's data and
                                              permissions is the same as
                                              having a universal patient
                                              identifier.  That might be
                                              subject to current
                                              Congressional funding
                                              restrictions.   <br class="">
                                              <br class="">
                                              <br class="">
                                              <i class="">The College of
                                                Healthcare Information
                                                Management Executives on
                                                Tuesday launched a $1
                                                million National Patient
                                                ID Challenge to develop
                                                solutions to ensure 100
                                                percent accuracy of
                                                every patient’s identity
                                                to reduce preventable
                                                medical errors.</i><i class=""><br class="">
                                              </i><i class=""><br class="">
                                              </i><i class=""><a href="http://www.healthdatamanagement.com/news/chime-launches-1m-challenge-to-solve-patient-id-problem" target="_blank" class=""></a><a href="http://www.healthdatamanagement.com/news/chime-launches-1m-challenge-to-solve-patient-id-problem" target="_blank" class="">http://www.healthdatamanagement.com/news/chime-launches-1m-challenge-to-solve-patient-id-problem</a></i><br class="">
                                              <div class="">-- <br class=""><p class=""><b class="">Glen F. Marshall</b><br class="">
                                                  Consultant<br class="">
                                                  Security Risk
                                                  Solutions, Inc.<br class="">
                                                  698 Fishermans Bend<br class="">
                                                  Mount Pleasant, SC
                                                  29464<br class="">
                                                  Tel: <a href="tel:%28610%29%20644-2452" value="+16106442452" target="_blank" class="">(610)
                                                    644-2452</a><br class="">
                                                  Mobile: <a href="tel:%28610%29%20613-3084" value="+16106133084" target="_blank" class="">(610)
                                                    613-3084</a><br class="">
                                                  <a href="mailto:gfm@securityrs.com" target="_blank" class=""></a><a href="mailto:gfm@securityrs.com" target="_blank" class="">gfm@securityrs.com</a><br class="">
                                                  <a href="http://www.securityrisksolutions.com/" target="_blank" class=""></a><a href="http://www.securityrisksolutions.com/" target="_blank" class="">www.SecurityRiskSolutions.com</a></p>
                                              </div>
                                            </div>
                                          </div>
                                        </div>
                                        <br class="">
_______________________________________________<br class="">
                                        Openid-specs-heart mailing list<br class="">
                                        <a href="mailto:Openid-specs-heart@lists.openid.net" target="_blank" class="">Openid-specs-heart@lists.openid.net</a><br class="">
                                        <a href="http://lists.openid.net/mailman/listinfo/openid-specs-heart" rel="noreferrer" target="_blank" class="">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a><br class="">
                                        <br class="">
                                      </blockquote>
                                    </div>
                                    <br class="">
                                    <br clear="all" class="">
                                    <br class="">
                                    -- <br class="">
                                    <div class="">
                                      <div dir="ltr" class="">
                                        <div class="">
                                          <div dir="ltr" class="">
                                            <div class="">
                                              <div dir="ltr" class="">
                                                <div class=""><br class="">
                                                  <div dir="ltr" class="">Adrian
                                                    Gropper MD<span style="font-size:11pt" class=""></span><br class="">
                                                    <br class="">
                                                    <span style="font-family:"Arial",sans-serif;color:#1f497d" class="">PROTECT


                                                      YOUR FUTURE -
                                                      RESTORE Health
                                                      Privacy!</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">
                                                      HELP us fight for
                                                      the right to
                                                      control personal
                                                      health data.</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""></span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">
                                                      DONATE: <a href="http://patientprivacyrights.org/donate-2/" target="_blank" class=""><span style="color:#0563c1" class=""></span></a><a href="http://patientprivacyrights.org/donate-2/" target="_blank" class=""></a><a href="http://patientprivacyrights.org/donate-2/" target="_blank" class="">http://patientprivacyrights.org/donate-2/</a></span><span style="color:#1f497d" class=""></span> </div>
                                                </div>
                                              </div>
                                            </div>
                                          </div>
                                        </div>
                                      </div>
                                    </div>
                                  </div>
                                  <br class="">
                                  <fieldset class=""></fieldset>
                                  <br class="">
                                  <pre class="">_______________________________________________
Openid-specs-heart mailing list
<a href="mailto:Openid-specs-heart@lists.openid.net" target="_blank" class="">Openid-specs-heart@lists.openid.net</a>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-heart" target="_blank" class="">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a>
</pre>
                                </blockquote>
                                <br class="">
                              </div>
                            </div>
                          </div>
                        </blockquote>
                      </div>
                      <br class="">
                      <br clear="all" class="">
                      <br class="">
                      -- <br class="">
                      <div class="">
                        <div dir="ltr" class="">
                          <div class="">
                            <div dir="ltr" class="">
                              <div class="">
                                <div dir="ltr" class="">
                                  <div class=""><br class="">
                                    <div dir="ltr" class="">Adrian Gropper MD<span style="font-size:11pt" class=""></span><br class="">
                                      <br class="">
                                      <span style="font-family:"Arial",sans-serif;color:#1f497d" class="">PROTECT

                                        YOUR FUTURE - RESTORE Health
                                        Privacy!</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">
                                        HELP us fight for the right to
                                        control personal health data.</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""></span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">
                                        DONATE: <a href="http://patientprivacyrights.org/donate-2/" target="_blank" class=""><span style="color:#0563c1" class=""></span></a><a href="http://patientprivacyrights.org/donate-2/" target="_blank" class="">http://patientprivacyrights.org/donate-2/</a></span><span style="color:#1f497d" class=""></span> </div>
                                  </div>
                                </div>
                              </div>
                            </div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </blockquote>
                  <br class="">
                </div>
              </div>
            </div>
          </blockquote>
        </div>
        <br class="">
        <br clear="all" class="">
        <br class="">
        -- <br class="">
        <div class="">
          <div dir="ltr" class="">
            <div class="">
              <div dir="ltr" class="">
                <div class="">
                  <div dir="ltr" class="">
                    <div class=""><br class="">
                      <div dir="ltr" class="">Adrian Gropper MD<span style="font-size:11pt" class=""></span><br class="">
                        <br class="">
                        <span style="font-family:"Arial",sans-serif;color:#1f497d" class="">PROTECT
                          YOUR FUTURE - RESTORE Health Privacy!</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">
                          HELP us fight for the right to control
                          personal health data.</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""></span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">
                          DONATE:
                          <a href="http://patientprivacyrights.org/donate-2/" target="_blank" class=""><span style="color:#0563c1" class="">http://patientprivacyrights.org/donate-2/</span></a></span><span style="color:#1f497d" class=""></span>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
    </blockquote>
    <br class="">
  </div></div></div>

</blockquote></div><br class=""><br clear="all" class=""><br class="">-- <br class=""><div class="gmail_signature"><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><br class=""><div dir="ltr" class="">Adrian Gropper MD<span style="font-size:11pt" class=""></span><br class=""><br class=""><span style="font-family:"Arial",sans-serif;color:#1f497d" class="">PROTECT YOUR FUTURE - RESTORE Health Privacy!</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">HELP us fight for the right to control personal health data.</span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""></span><span style="font-family:"Arial",sans-serif;color:#1f497d" class=""><br class="">DONATE:
<a href="http://patientprivacyrights.org/donate-2/" target="_blank" class=""><span style="color:#0563c1" class="">http://patientprivacyrights.org/donate-2/</span></a></span><span style="color:#1f497d" class=""></span>
</div></div></div></div></div></div></div></div>
</div>
</div></blockquote></div><br class=""></div></div></body></html>