<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
In addition to what John Moehrke said, nowhere in my online
financial records do I have the ability to say "Do not display
transactions regarding expenses for my <name your vice here>
activities from my wife, who otherwise has full access to our joint
finances." <br>
<br>
In healthcare, though, it would at least as difficult to have such
fine-grained selectivity for, say, treatment for treatment of the
medical consequences of said vice.<br>
<br>
So healthcare and finances have a common inability to express a
consumer's fine-grained semantic policies. The motivation and
solutions to resolve those inabilities likely differ. <br>
<br>
Glen Marshall<br>
<br>
<div class="moz-cite-prefix">On 8/4/15 11:17, Moehrke, John (GE
Healthcare) wrote:<br>
</div>
<blockquote
cite="mid:B025BFE1B1C0AA4596EEF6AA85D6F49954111EDF@CINURCNA01.e2k.ad.ge.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.hoenzb
{mso-style-name:hoenzb;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:179011064;
mso-list-template-ids:-1375286650;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:215701182;
mso-list-template-ids:-190663988;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2
{mso-list-id:1452087127;
mso-list-template-ids:456156396;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3
{mso-list-id:1750496705;
mso-list-template-ids:-1708774906;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4
{mso-list-id:1925414077;
mso-list-template-ids:1197515316;}
@list l4:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
find it very troubling when the financial industry is
brought up as an example that healthcare should follow. From
a user experience, I agree with Adrian that it seems to be a
well ‘consumer centric’ model. The reality is that they are
not consumer centric, they act only by force of consumer and
often with payment for transaction fee.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">But
the financial industry are dealing with fungible assets that
can easily be insured and they have regulated maximum
damages. Healthcare has NOTHING close to this. Further the
only reason that the financial industry communicates is
because they are moving your money, an asset they get to
leverage far beyond the kind of analytics that the
healthcare community is often accused of doing (some
rightly so). The financial world does not communicate in any
way to your benefit, they are perfectly happy having
fragmented and non-aligned assets. Where as in healthcare
there is an expectation that your current treatment plan is
chosen based on your full medical history, without any piece
of information misunderstood (malpractice). <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">This
said, I am not against the goal that Adrian is promulgating.
I am just frustrated at the overbroad statements about how
wonderful the financial industry is.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">John<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
Openid-specs-heart
[<a class="moz-txt-link-freetext" href="mailto:openid-specs-heart-bounces@lists.openid.net">mailto:openid-specs-heart-bounces@lists.openid.net</a>] <b>On
Behalf Of </b>Eve Maler<br>
<b>Sent:</b> Tuesday, August 04, 2015 10:03 AM<br>
<b>To:</b> Adrian Gropper<br>
<b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:openid-specs-heart@lists.openid.net">openid-specs-heart@lists.openid.net</a><br>
<b>Subject:</b> Re: [Openid-specs-heart] Proposal for
reworked use case AND use case template<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Adrian, your patient vs. banking identity
explanation was really good -- I'm going to steal that one.
:-) Warning, musings on identity and proofing below. Hope
they're marginally interesting/helpful.<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">In the world of marketing data
brokerage, they deal in heuristic data about people all
the time but don't have to (or, maybe, even want to)
precisely identify a unique human being. (If you ever want
to be weirded out, read about Acxiom <a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.oceanoutdoor.com_site_wp-2Dcontent_uploads_ORCGuideToPersonicx.pdf&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=QtcwptaLBxuQh2WeoBs1IhxRnZzLuQe2ljx-h2VKN4A&e=">Personicx</a> psychographics
codes. I had someone in the field tell me she looked
"herself" up in the data warehouse. She said, "They knew
my bra size.")<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">In the world of credit data brokerage,
they have much the same problem as the "offline patient
identity" world does, though with a somewhat different
regulatory environment. If you're in the US and you want
to try and look up the annual free credit scores that
you're entitled to by law, think about the trouble you
have to go through to identify yourself with
multiple-choice questions about your past financial life.
Outside the US, it's even harder because privacy laws
limit the sources of data. As demographics shift and more
and more people get comfortably online/mobile,
identification gets easier because an organization
funneled someone through the process once and now owns the
"hygiene" of that credential over time -- <i>everyone</i>
can amortize the investment. However, of course, data
privacy gets more challenging.<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><br clear="all">
<o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p><b>Eve Maler<br>
</b>ForgeRock Office of the CTO | VP Innovation
& Emerging Technology<br>
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter:
@xmlgrrl<br>
Join our <a moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__forgerock.org_openuma_&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=4_28RyfGvM2JnAA2r2PC92ouszRmNenZ1TmMlmOhcg8&e="
target="_blank">ForgeRock.org OpenUMA</a>
community!<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On Mon, Aug 3, 2015 at 7:52 PM, Adrian
Gropper <<a moz-do-not-send="true"
href="mailto:agropper@healthurl.com" target="_blank">agropper@healthurl.com</a>>
wrote:<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">I'm
paying $15K / year for health insurance with a $4K
deductible through my insurance exchange. I just saved
$200 out-of pocket on ONE prescription by looking it
up in GoodRX. If I was living in any other rich
country, my insurance would be less than half that and
the prescription hassles would be much less. <br>
<br>
The information system is rigged against the consumer
in every way they can think of. Most of it involves
sharing our information selectively beyond our
control. We are being farmed.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="color:#888888">Adrian<o:p></o:p></span></p>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On Mon, Aug 3, 2015 at 10:01
PM, Aaron Seib <<a moz-do-not-send="true"
href="mailto:aaron.seib@nate-trust.org"
target="_blank">aaron.seib@nate-trust.org</a>>
wrote:<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
am serious – what is the performance
requirements to operate an UMA server for
one patient? I wasn’t giving you a hard
time.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">If
we assume that we want to make this work for
10 million people in the population tomorrow
what do we have to pay to make it work? I
am assuming that there are hosting
requirements for an UMA server and every
consumer needs to be trained on how to use
it. </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">What
is trivial? Is it $10 per person per year?
$0.10 per person per year? What is required
to make it operational? How much will they
need to get paid to establish it? </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Are
there comparable deployments that are
operating at that scale that we can refer to
from other consumer domains? </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
am making this point as I don’t want to
inadvertently exclude options that should be
considered for some transactions if they are
sufficient if they have the same outcome at
a lower cost per transaction for some
transactions.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">You
ask who wouldn’t want to have every
transaction verified against their own UMA
server? The person who is paying a per
transaction fee to get it done for them.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Aaron
Seib, CEO</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">@CaptBlueButton
</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> (o)
<a moz-do-not-send="true"
href="tel:301-540-2311" target="_blank">301-540-2311</a></span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">(m)
<a moz-do-not-send="true"
href="tel:301-326-6843" target="_blank">301-326-6843</a></span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__nate-2Dtrust.org&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=sCSOzpc0Dh4XfwS-oVrarXol9DJR1znq3FaRb45-Plg&e="
target="_blank"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;text-decoration:none"><img
id="_x0000_i1025"
src="cid:part7.04060601.09010804@securityrs.com"
border="0" height="48" width="205"></span></a><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a moz-do-not-send="true"
href="mailto:agropper@gmail.com"
target="_blank">agropper@gmail.com</a>
[mailto:<a moz-do-not-send="true"
href="mailto:agropper@gmail.com"
target="_blank">agropper@gmail.com</a>] <b>On
Behalf Of </b>Adrian Gropper<br>
<b>Sent:</b> Monday, August 03, 2015 9:07 PM</span><o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"><br>
<b>To:</b> Aaron Seib<br>
<b>Cc:</b> Id Coach; <a
moz-do-not-send="true"
href="mailto:openid-specs-heart@lists.openid.net"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:openid-specs-heart@lists.openid.net">openid-specs-heart@lists.openid.net</a></a><br>
<b>Subject:</b> Re: [Openid-specs-heart]
Proposal for reworked use case AND use
case template<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">On
Mon, Aug 3, 2015 at 6:31 PM, Aaron Seib
<<a moz-do-not-send="true"
href="mailto:aaron.seib@nate-trust.org"
target="_blank">aaron.seib@nate-trust.org</a>>
wrote:<o:p></o:p></p>
<div>
<div>
<blockquote
style="border:none;border-left:solid
#CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
don’t get the assertion that
FHIR avoids the patient
identity problem. I don’t
get this assertion. Can you
get the crayons out and
explain that to me?</span><o:p></o:p></p>
</div>
</div>
</blockquote>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">Why
don't we have a banking identity
problem? It's because people
self-identify to their bank and
their merchant. When somebody
moves our money without that, we
call it theft. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">Self-identification
is core to OAuth. You don't even
need UMA and the patient ID
problem disappears.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">What
confuses the issue is discovery.
In banking, we don't try to make
our banking or shopping activity
open to discovery. In the case of
some purchases, we actually try to
hide it. In general, to the extent
our purchasing habits are subject
to surveillance, we consider it
creepy and opt for systems like
cash or ApplePay where the
merchants, at least, can't sell
our purchase data to the data
brokers. <br>
<br>
For some reason, healthcare starts
from the assumption that people's
private activity needs to be
tracked whether they like it or
not by dozens of "exchanges" and
data brokers that we don't even
know about. We are treating people
the way we do cows in the feedlot.
In banking we have three credit
bureaus that track some of your
activity but they're regulated and
we have access to "free credit
reports". Good luck trying to get
the equivalent for your health
care. For example, in many states,
we have the equivalent of state
credit bureaus in the form of All
Payer Claims Database. Not one of
them lets the patient access,
check for errors, or benefit from
this credit bureau behavior. Who
wouldn't want a report from their
All Payer Claims Database at the
end of the yer when it's time to
choose a Bronze, Silver, Gold or
Platinum deductible form the
health insurance exchange?<o:p></o:p></p>
</div>
<blockquote
style="border:none;border-left:solid
#CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">It
sounds Miraculous and as far
as assertions about software
capabilities are concerned I
am an agnostic.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">What
are the pre-conditions that
allow for the patient
identity problem is
addressed. What problem is
created by eliminating that
one?</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Just
so I am clear – the
patient-centric approach
essentially says that each
individual has an UMA server
set up that captures their
privacy preference and
subsequent changes through
time. Whenever data about
the consumer is to be
exchanged the service is
checked to determine if the
disclosure is permitted.</span><o:p></o:p></p>
</div>
</div>
</blockquote>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Yes.
<o:p></o:p></p>
</div>
<blockquote
style="border:none;border-left:solid
#CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
would like to have an
understanding of the
performance considerations
of such a system so we can
start the procurement
process now.</span><o:p></o:p></p>
</div>
</div>
</blockquote>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">We
already have this understanding.
Bulk transfer of patient data
dates back to the paper and
mainframe days. It works just as
well for hackers as it does for
the primary business. It seems to
take 4-8 months to discover a
breach of millions of records. The
system is certainly very
efficient. It's time to introduce
technology on the part of the
user. The friction you're worried
about is a good thing. It means
the subject is aware of their data
being moved from one custodian to
another and breaches would be
reported in minutes. The computing
cost of this notice is now
trivial. Think of the UMA server
as simply a convenient way for
your "providers" to notify you of
data transfers out of your
account. What patient or family
caregiver would say no to that?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Adrian
<o:p></o:p></p>
</div>
<blockquote
style="border:none;border-left:solid
#CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Aaron
Seib, CEO</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">@CaptBlueButton
</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> (o)
<a moz-do-not-send="true"
href="tel:301-540-2311"
target="_blank">301-540-2311</a></span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">(m)
<a moz-do-not-send="true"
href="tel:301-326-6843"
target="_blank">301-326-6843</a></span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__nate-2Dtrust.org&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=sCSOzpc0Dh4XfwS-oVrarXol9DJR1znq3FaRb45-Plg&e="
target="_blank"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;text-decoration:none"><img
id="_x0000_i1026"
src="cid:part15.04020806.08070807@securityrs.com"
border="0" height="48"
width="205"></span></a><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a moz-do-not-send="true"
href="mailto:agropper@gmail.com"
target="_blank">agropper@gmail.com</a>
[mailto:<a
moz-do-not-send="true"
href="mailto:agropper@gmail.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:agropper@gmail.com">agropper@gmail.com</a></a>]
<b>On Behalf Of </b>Adrian
Gropper<br>
<b>Sent:</b> Monday, August
03, 2015 11:22 AM<br>
<b>To:</b> Aaron Seib<br>
<b>Cc:</b> Id Coach; <a
moz-do-not-send="true"
href="mailto:openid-specs-heart@lists.openid.net"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:openid-specs-heart@lists.openid.net">openid-specs-heart@lists.openid.net</a></a></span><o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><br>
<b>Subject:</b> Re:
[Openid-specs-heart]
Proposal for reworked use
case AND use case template<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">Aaron,<o:p></o:p></p>
</div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">My definition of
"patient-centric"
is what we use
in The Society
for
Participatory
Medicine:
"Nothing about
me without
me."<o:p></o:p></p>
</div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">This is not as
hypothetical
as it sounds.
A number of us
in HEART
worked on the
"Privacy on
FHIR" pilot
for last
HIMSS. We
demoed a
patient-centered
system that
included
private EHR,
gov EHR, 42CFR
Part 2
sensitive
data, PHR,
phone apps,
and wearable
IoT devices
all sharing
data using
FHIR. <a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__wiki.siframework.org_file_view_HIMSS15-5FPrivacy-2520on-2520FHIR-2520FINAL.PDF_555755441_HIMSS15-5FPrivacy-2520on-2520FHIR-2520FINAL.PDF&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=raPiIPoJutNckiSpXupDug4l3yKctfT8REEI8MxBKbs&e="
target="_blank"><a class="moz-txt-link-freetext" href="http://wiki.siframework.org/file/view/HIMSS15_Privacy%20on%20FHIR%20FINAL.PDF/555755441/HIMSS15_Privacy%20on%20FHIR%20FINAL.PDF">http://wiki.siframework.org/file/view/HIMSS15_Privacy%20on%20FHIR%20FINAL.PDF/555755441/HIMSS15_Privacy%20on%20FHIR%20FINAL.PDF</a></a>
The use of a
single UMA
Authorization
Server for
Alice across
all of these
FHIR resources
is the
embodiment of
"Nothing about
me without
me."<o:p></o:p></p>
</div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">The
patient-centered
or
patient-directed
approach to FHIR
solves, or at
least avoids,
the very
difficult
patient ID
problem. It buys
us time while
cybersecurity
initiatives like
NSTIC/IDESG
figure out how
to implement
practical trust
frameworks for
identity and
related verified
attributes.
Human ID is not
a
healthcare-specific
issue, because
we don't license
human patients.
While others
work on Human
ID, we can use
the
patient-directed
approach to
match patients
across
institutions.<o:p></o:p></p>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">The
patient-directed
approach also
avoids the
difficult problem
of delegation to a
family caregiver
or custodian.
Instead of every
FHIR resource
having to
implement a
delegation method
and policy, that
responsibility
shifts to the
patient's AS and
becomes mostly
transparent to the
resource server.<o:p></o:p></p>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">The
patient-directed
approach provides
increased
cybesecurity because
the AS is consulted
for every new
interface access.
This means that
breaches can be
discovered in
minutes instead of
months. This also
fulfills the
much-delayed
Accounting for
Disclosures
requirement in
HIPAA.<o:p></o:p></p>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">The
patient-directed
approach avoids most
of the provenance
issues because
information flows
directly from one
institution to another
without the
opportunity for delay
or corruption by
intermediary PHRs or
HIEs.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">The
patient-directed
approach solves the
"multiple portals"
problem. Once
registration is
complete, the patient
or custodian need not
interact with the
patient portal at the
Resource Server again.
In some cases, it's
possible that the
resource server can
avoid running a
patient portal
altogether by allowing
a staff member to
complete enrollment of
the patient's AS as
part of registration.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt"><br>
The Russian Dolls
metaphor doesn't work
for me. What I see is
a simple bifurcation
at the root of FHIR
design: either you
enable a
patient-specified
Authorization Server
as a third-party in
server-client FHIR
exchange or you don't.
If you start down the
UMA branch, then all
of the benefits above
accrue downstream. If
you don't start down
the UMA branch, then
complexity explodes as
we try to invent
accessory actors,
federations and
governance mechanisms.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Adrian<o:p></o:p></p>
</div>
<div>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt"> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">On
Mon, Aug 3, 2015 at
10:00 AM, Aaron Seib
<<a
moz-do-not-send="true"
href="mailto:aaron.seib@nate-trust.org" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:aaron.seib@nate-trust.org">aaron.seib@nate-trust.org</a></a>>
wrote:<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Adrian,</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Hi
– I agree with
your assessment
regarding the
sufficiency of
oAuth for the
use case as
documented. It
is a good way
and block and
tackle the
problem space to
get to consensus
of what separate
components are
capable of doing
and resolving
them from the
basic to the
complex. </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Does
everyone agree
with that
starting point?
</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">For
discussion
purposes lets
assume we have
consensus on
that. For the
use case where
the consumer has
PGHD that the
Provider wants
oAuth is
sufficient.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">This
sentence from
your email:</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt;margin-left:.5in">If
the problem is to
begin HEART with a
patient-centricity
as the problem,
then this
particular
use-case distorts
the discussion by
presuming Alice
wants a PHR and
diminishes the
patient-centered
benefits of UMA as
a health
information
exchange
technology.<o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
want to parse
that better so I
understand – can
you help edify
me about what is
meant by
“patient-centricity
as the problem”?</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
don’t have the
same feelings
about the fact
that part of the
work HEART is
doing is
inventorying
what the
different use
cases are and
their
sufficiency. In
fact I think
this step may
prove
informative to
the end point
that we are all
pursuing.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">One
use case that is
important that
doesn’t follow
the “Consumer
has PGHD that
the Provider
Wants” that
readily comes to
mind is the
pattern of
Provider A
having PHI about
Patient X that
Provider B (whom
has a
patient-provider
relationship
with Patient X)
should have if
and only iff
(IFF) it is
aligned with the
privacy
preferences of
Patient X for
Provider B to
have said data.
</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">To
close the loop –
is that a
statement of a
patient-centricity
use case? Does
what we are
learning with
the first use
case inform what
needs to be done
to satisfy the
second use
case? </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">From
a laypersons
perspective I
see a Russian
Dolls exposition
of the use cases
one building on
another until we
solve the
problems
established by
this work groups
charter.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Thank
you for letting
me share.</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><br>
Aaron</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Aaron
Seib, CEO</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">@CaptBlueButton
</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> (o)
<a
moz-do-not-send="true"
href="tel:301-540-2311" target="_blank">301-540-2311</a></span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">(m)
<a
moz-do-not-send="true"
href="tel:301-326-6843" target="_blank">301-326-6843</a></span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__nate-2Dtrust.org&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=sCSOzpc0Dh4XfwS-oVrarXol9DJR1znq3FaRb45-Plg&e="
target="_blank"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;text-decoration:none"><img
id="_x0000_i1027" src="cid:part24.00090703.07030704@securityrs.com"
border="0"
height="48"
width="205"></span></a><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
Openid-specs-heart
[mailto:<a
moz-do-not-send="true"
href="mailto:openid-specs-heart-bounces@lists.openid.net"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:openid-specs-heart-bounces@lists.openid.net">openid-specs-heart-bounces@lists.openid.net</a></a>]
<b>On Behalf Of
</b>Adrian
Gropper<br>
<b>Sent:</b>
Sunday, August
02, 2015 2:30 PM<br>
<b>To:</b> Id
Coach<br>
<b>Cc:</b> <a
moz-do-not-send="true"
href="mailto:openid-specs-heart@lists.openid.net" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:openid-specs-heart@lists.openid.net">openid-specs-heart@lists.openid.net</a></a><br>
<b>Subject:</b>
Re:
[Openid-specs-heart]
Proposal for
reworked use
case AND use
case template</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">Thank you Eve!! I
hope we can
reach
consensus on
something like
the format you
present.<o:p></o:p></p>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><br>
<br>
Narratives are
much easier to
understand
when they
begin with a
clear
statement of
the problem.
Shouldn't use
cases be asked
to clearly
state the
problem they
are trying to
solve right up
front? <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">This particular
use-case seems
to be trying
to solve some
or all of
three
problems:
federated
sign-in,
eliminating
the
registration
clipboard
hassle, and
updating a PHR
with encounter
results. All
of these can
be solved by
OAuth alone.<o:p></o:p></p>
</div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt">If the problem is
to begin HEART
with a
patient-centricity
as the
problem, then
this
particular
use-case
distorts the
discussion by
presuming
Alice wants a
PHR and
diminishes the
patient-centered
benefits of
UMA as a
health
information
exchange
technology.<o:p></o:p></p>
</div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I've tried to
clarify these
fundamental
issues in my
comments on
the document
and hope we
can resolve
this before we
move on to
semantic
profiling and
scopes.<o:p></o:p></p>
</div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Adrian<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">On Sat, Aug
1, 2015 at
3:32 PM, Id
Coach <<a
moz-do-not-send="true"
href="mailto:coach@digitalidcoach.com" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:coach@digitalidcoach.com">coach@digitalidcoach.com</a></a>>
wrote:<o:p></o:p></p>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thanks Eve,<br>
<br>
This is
wonderful. I
questioned/commented
on things only
a newbie is
likely to
ask/care
about. <br>
<br>
It's also a
useful
template for
other use
cases. To your
point about
explaining
oAuth and
other template
terms, you're
using a new
language and a
new ecosystem
to many, so I
encourage
those template
terms to be
explained over
and over again
as needed and
as
appropriate.<br>
<br>
It will be
helpful to me
to illustrate
or diagram
this process.
I'll take a
crack at that
in the next
few days (I
hope).<br>
<br>
judi<o:p></o:p></p>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt"> <o:p></o:p></p>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">On 8/1/15
11:20 AM, Eve
Maler wrote:<o:p></o:p></p>
</div>
</div>
</div>
<blockquote
style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Completing my
action item,
you'll find
our (well-worn
:-) use case
document <a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.google.com_document_d_1IvbdWerdvMuA1dQ-2DKQvVKqIBrAas7FoenNVUtgpqYrw_edit-3Fusp-3Dsharing&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=mFAukEQMozyggbR5vc6wYMWgsvuGIr11-W6P-mLm6Qo&e="
target="_blank">here</a>. Following is my proposal. If we like what I've
done here, I
recommend that
we: <o:p></o:p></p>
<div>
<div>
<ul
type="disc">
<li
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3
level1 lfo1">Edit
the doc title
to match the
use case title
I've supplied
(just below
the horizontal
line).<o:p></o:p></li>
</ul>
<ul
type="disc">
<li
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2
level1 lfo2">Resolve
all the
comments above
my title (fear
not, they're
all accounted
for in the
comments I've
inserted) and
delete all the
text above
that point
(I've retained
all our
existing text
above the
line, just in
case).<o:p></o:p></li>
</ul>
<ul
type="disc">
<li
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo3">Resolve
all the
comments I've
inserted -- as
quickly as
possible! We
don't have to
take up call
time to do the
minor ones, if
people take
the initiative
to review them
offline and
supply their
feedback as
responses to
this note.
Note that, in
this new
template, I
have avoided
the use of the
comment
mechanism for
anything that
should be a
permanent part
of the
document.<o:p></o:p></li>
</ul>
<ul
type="disc">
<li
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo4">Ask
people to
write their
other use
cases in GDoc
using this
style.<o:p></o:p></li>
</ul>
<ul
type="disc">
<li
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l4
level1 lfo5">Obviously,
if you have
suggestions on
how to improve
the template,
weigh in! If
you want to
make invasive
suggestions,
contact me and
we can do a
collaborative
editing
session
together.<o:p></o:p></li>
</ul>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I'm extremely
glad I finally
did this
exercise,
because it
caused me to
understand
more of what
we need to
consider
profiling and
more of the
"health SME"
point of view.
And, to be
honest
(perhaps
forestalling a
comment from
Justin ;-), I
don't feel
that it was
wasteful to go
to this degree
of mapping to
the
technologies
because it
flushed out
some
mismatches
that really
didn't make
sense to me
all this time.
I now feel we
can go
straight to
the heart
(ahem) of the
profiling
matter with as
many future
use cases as
we want, and
in fact, we
can begin
profiling and
write more use
cases in
parallel.<o:p></o:p></p>
</div>
</div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thanks to you
all for
letting me
"get my OCD
on".<o:p></o:p></p>
</div>
<div>
<div>
<div>
<div>
<div>
<p><b>Eve
Maler<br>
</b>ForgeRock
Office of the
CTO | VP
Innovation
& Emerging
Technology<br>
Cell <a
moz-do-not-send="true"
href="tel:%2B1%20425.345.6756" target="_blank">+1 425.345.6756</a> |
Skype: xmlgrrl
| Twitter:
@xmlgrrl<br>
Join our <a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__forgerock.org_openuma_&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=4_28RyfGvM2JnAA2r2PC92ouszRmNenZ1TmMlmOhcg8&e="
target="_blank">ForgeRock.org OpenUMA</a> community!<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt"> <o:p></o:p></p>
</div>
</div>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openid-specs-heart mailing list<o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:Openid-specs-heart@lists.openid.net" target="_blank">Openid-specs-heart@lists.openid.net</a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.openid.net_mailman_listinfo_openid-2Dspecs-2Dheart&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=geQ1ZsX_giIQGAL84fp3sIEs22LGa_0NPs1RWXN6Ez8&e=" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a><o:p></o:p></pre>
</blockquote>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;margin-bottom:12.0pt"><br>
_______________________________________________<br>
Openid-specs-heart
mailing list<br>
<a
moz-do-not-send="true"
href="mailto:Openid-specs-heart@lists.openid.net" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-heart@lists.openid.net">Openid-specs-heart@lists.openid.net</a></a><br>
<a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.openid.net_mailman_listinfo_openid-2Dspecs-2Dheart&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=geQ1ZsX_giIQGAL84fp3sIEs22LGa_0NPs1RWXN6Ez8&e="
target="_blank"><a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-heart">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a></a><o:p></o:p></p>
</div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><br>
<br
clear="all">
<br>
-- <o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Adrian
Gropper MD<br>
<br>
<span
style="font-family:"Arial","sans-serif";color:#1F497D">RESTORE
Health
Privacy!<br>
HELP us fight
for the right
to control
personal
health data.<br>
DONATE: <a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__patientprivacyrights.org_donate-2D2_&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=-4miLc7Egd2FzqscJ3w9BngaBnCpHmpDOGnBzRZ3d24&e="
target="_blank"><span style="color:#0563C1"><a class="moz-txt-link-freetext" href="http://patientprivacyrights.org/donate-2/">http://patientprivacyrights.org/donate-2/</a></span></a></span>
<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><br>
<br clear="all">
<br>
-- <o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p
class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Adrian
Gropper MD<br>
<br>
<span
style="font-family:"Arial","sans-serif";color:#1F497D">RESTORE
Health
Privacy!<br>
HELP us fight
for the right
to control
personal
health data.<br>
DONATE: <a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__patientprivacyrights.org_donate-2D2_&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=-4miLc7Egd2FzqscJ3w9BngaBnCpHmpDOGnBzRZ3d24&e="
target="_blank"><span style="color:#0563C1"><a class="moz-txt-link-freetext" href="http://patientprivacyrights.org/donate-2/">http://patientprivacyrights.org/donate-2/</a></span></a></span>
<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><br>
<br clear="all">
<br>
-- <o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Adrian
Gropper MD<br>
<br>
<span
style="font-family:"Arial","sans-serif";color:#1F497D">RESTORE
Health Privacy!<br>
HELP us fight for the
right to control
personal health data.<br>
DONATE: <a
moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__patientprivacyrights.org_donate-2D2_&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=-4miLc7Egd2FzqscJ3w9BngaBnCpHmpDOGnBzRZ3d24&e="
target="_blank"><span
style="color:#0563C1"><a class="moz-txt-link-freetext" href="http://patientprivacyrights.org/donate-2/">http://patientprivacyrights.org/donate-2/</a></span></a></span>
<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><br>
<br clear="all">
<br>
-- <o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Adrian Gropper MD<br>
<br>
<span
style="font-family:"Arial","sans-serif";color:#1F497D">RESTORE
Health Privacy!<br>
HELP us fight for the right to control
personal health data.<br>
DONATE: <a moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__patientprivacyrights.org_donate-2D2_&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=-4miLc7Egd2FzqscJ3w9BngaBnCpHmpDOGnBzRZ3d24&e="
target="_blank"><span
style="color:#0563C1">http://patientprivacyrights.org/donate-2/</span></a></span>
<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
Openid-specs-heart mailing list<br>
<a moz-do-not-send="true"
href="mailto:Openid-specs-heart@lists.openid.net">Openid-specs-heart@lists.openid.net</a><br>
<a moz-do-not-send="true"
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.openid.net_mailman_listinfo_openid-2Dspecs-2Dheart&d=AwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=BjxAvFx8QWs4XC6iU1PL1lgMCP4YVzdBhh4vu2fWdeU&s=geQ1ZsX_giIQGAL84fp3sIEs22LGa_0NPs1RWXN6Ez8&e="
target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a><o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Openid-specs-heart mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-heart@lists.openid.net">Openid-specs-heart@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-heart">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a>
</pre>
</blockquote>
<br>
</body>
</html>