[Openid-specs-heart] Draft HEART Meeting Notes 2016-10-17

Mon Oct 17 21:18:09 UTC 2016

Please post your comments and questions about HIE of One and HEART to
http://thehealthcareblog.com/blog/2016/10/17/re-decentralization-of-medicine-the-hie-of-one-demonstration/

Thank you!

On Mon, Oct 17, 2016 at 5:00 PM, Sarah Squire <sarah at engageidentity.com>
wrote:

> Attendees:
>
> Debbie Bucci
>
> Adrian Gropper
>
> Bruce Wilder
>
> Cait Ryan
>
> Daniel van Leeuwen
>
> Edmund Jay
>
> Glen Marshall
>
> John Moehrke
>
> Kathleen Connor
>
> Ken Salyards
>
> Luis Maas
>
> Michael Chen
>
> Nancy Lush
>
> Paul Nichol
>
> Sarah Squire
>
> Scott Shorter
>
> Thompson Boyd
>
> Walter Kirk
>
> Adrian:
>
> The goal of this demo is to show what we think is the first
> patient-centered health record based on open standards. It’s
> patient-centered in that it’s peer-to-peer, completely independent of any
> vendors or hospitals.
>
> *demo of HIE of One AS for Patient*
>
> *demo of NOSH ChartingSystem Personal Health Record*
>
> *demo of Dr. Second’s Practice EHR*
>
> Please add comments and questions to the healthcare blog post.
>
> John:
>
> Do you have a way to deal with identity assurance?
>
> Adrian:
>
> Yes, but it’s complicated. It’s work that’s going on with the UN and W3C.
> People are figuring out how to have very strong identities. There is a good
> global definition. We’re going to be using an Etherium Blockchain product
> that links your identity to a fingerprint on your phone. We are also
> dealing with verifiable credentials like admitting privileges to be linked
> in a triple-blind verifiable privacy-preserving way. You don’t want the
> credential provider to know when and where that credential is being used.
>
> This covers much of what we’re trying to do in HEART because it goes
> directly to the clipboard use case and the desire to have a
> set-it-and-forget-it model. If we combine this with linking policy to FHIR
> resources… We’re now at the point in HEART where we have to get connected
> to the FHIR people.
>
> Ken:
>
> Is your HIE a FHIR server?
>
> Adrian:
>
> No, HIE is just an UMA authorization server. pNOSH is the FHIR resource
> server. In reality, they would probably be running on the same box, so
> there would be no reason for them to be two separate servers, but they are
> separate code bases.
>
> Ken:
>
> What about individuals who don’t have access to a cell phone or computer?
> How would they get a public and private key?
>
> Adrian:
>
> The whole basis of non-repudiation is problematic if you let someone else
> hold your private key. I haven’t heard of a solution to that problem. Maybe
> you could issue them a FIDO authenticator?
>
> Debbie:
> We’re cancelling Monday’s meeting and picking things up on the 31st. Also
> we’re looking for HEART implementations to test with our test tool. I’ll
> send something out to the HEART list.
>
> Sarah Squire
> Engage Identity
> http://engageidentity.com
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
>

-- 

Adrian Gropper MD

PROTECT YOUR FUTURE - RESTORE Health Privacy!
HELP us fight for the right to control personal health data.
DONATE: http://patientprivacyrights.org/donate-2/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20161017/5363260f/attachment.html>