<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Right, but they do it during the initial binding of alice’s identity and access tokens to the record. They don’t take in a bunch of attributes from Alice’s IdP and say, “oh, well, let’s go find some Alice that might fit this”. As long as they have the right record up during the binding, then that same record can be pulled up by its local identifier. At that point, the system doesn’t even care that Alice is Alice, they just know that account X has access to record Y because of a specific (and auditable) action.<div class=""><br class=""></div><div class=""> — Justin</div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Aug 18, 2015, at 9:51 AM, Maxwell, Jeremy (OS/OCPO) <<a href="mailto:Jeremy.Maxwell@hhs.gov" class="">Jeremy.Maxwell@hhs.gov</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" class="">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)" class="">
<style class=""><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div lang="EN-US" link="blue" vlink="purple" class="">
<div class="WordSection1"><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D" class="">Wait, I’m confused. I know we called identity matching out of scope, which I agree with, but what did I miss that it’s unnecessary? Even though Alice is mediating
the exchange, the provider still needs to know <i class="">which</i> Alice in the EHR, right?<o:p class=""></o:p></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D" class=""> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D" class=""> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D" class=""> </span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D" class=""> </span></p><p class="MsoNormal"><b class=""><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" class="">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"" class=""> Openid-specs-heart [<a href="mailto:openid-specs-heart-bounces@lists.openid.net" class="">mailto:openid-specs-heart-bounces@lists.openid.net</a>]
<b class="">On Behalf Of </b>Adrian Gropper<br class="">
<b class="">Sent:</b> Monday, August 17, 2015 6:41 PM<br class="">
<b class="">To:</b> Sarah Squire<br class="">
<b class="">Cc:</b> <a href="mailto:openid-specs-heart@lists.openid.net" class="">openid-specs-heart@lists.openid.net</a><br class="">
<b class="">Subject:</b> Re: [Openid-specs-heart] Draft HEART Meeting Notes 2015-08-17<o:p class=""></o:p></span></p><p class="MsoNormal"><o:p class=""> </o:p></p><p class="MsoNormal">Great notes. One flaw:<o:p class=""></o:p></p>
<div class=""><p class="MsoNormal"><o:p class=""> </o:p></p>
</div>
<div class=""><p class="MsoNormal">"<span style="font-size:10.0pt" class="">The data exchange in this use case is patient-mediated, so identity matching is necessary."</span><o:p class=""></o:p></p>
</div>
<div class=""><p class="MsoNormal"><o:p class=""> </o:p></p>
</div>
<div class=""><p class="MsoNormal"><span style="font-size:10.0pt" class="">should be is NOT necessary.</span><o:p class=""></o:p></p>
</div>
<div class=""><p class="MsoNormal"><o:p class=""> </o:p></p>
</div>
<div class=""><p class="MsoNormal"><span style="font-size:10.0pt" class="">Adrian</span><o:p class=""></o:p></p>
</div>
<div class=""><p class="MsoNormal"><span style="font-family:"Arial","sans-serif"" class=""><br class="">
</span><br class="">
On Monday, August 17, 2015, Sarah Squire <<a href="mailto:sarah@engageidentity.com" class="">sarah@engageidentity.com</a>> wrote:<o:p class=""></o:p></p>
<div class=""><div style="margin: 0in 0in 0.0001pt;" class=""><b class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Attendees:</span></b><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Debbie Bucci</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Abbie Barbir</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Adrian Gropper</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">William Kinsley</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Glen Marshall</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Justin Richer</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Sarah Squire</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Michael Magrath</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Jim Kragh</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Josh Mandel</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Chad Evans</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Corey Spears</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Edmund Jay</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Jeremy Maxwell</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Andrew Hughes</span><o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Eve Maler</span><o:p class=""></o:p></div><p class="MsoNormal" style="margin-bottom:12.0pt"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><b class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Notes:</span></b><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><b class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Alice Enrolls at PCP Use Case</span></b><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Justin’s comment was intended to convey that Alice should be able to login with whatever digital identity she chooses. We don’t want Alice
to have to create multiple usernames and passwords. </span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Is federated identity core to the HEART project? The ability to use federated identities is core to HEART, but they are not required.</span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Identity proofing policies are out of scope for the HEART project</span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Leveraging common identity attributes is a core part of the problem statement for this use case.
</span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Are we using OIDC in this use case? Yes, we are.</span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">The data exchange in this use case is patient-mediated, so identity matching is necessary.</span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">We have now finalized this use case.</span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><b class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">New Use Cases</span></b><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">We would like the next use case to involve UMA, and we would like to be able to influence and harmonize with the FHIR API. What is it that
we must profile vs what FHIR must profile?</span><o:p class=""></o:p></div><p class="MsoNormal"><o:p class=""> </o:p></p><div style="margin: 0in 0in 0.0001pt;" class=""><span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">We want to bias toward wide ecosystems.</span><o:p class=""></o:p></div><p class="MsoNormal"><br class="">
<span style="font-size: 11pt; font-family: Arial, sans-serif;" class="">Adrian will elaborate on his use cases and we can discuss next week.</span><o:p class=""></o:p></p>
<div class=""><p class="MsoNormal"><span style="font-size: 11pt; font-family: Arial, sans-serif;" class=""><br clear="all" class="">
</span><o:p class=""></o:p></p>
<div class="">
<div class="">
<div class="">
<div class=""><p class="MsoNormal"><span style="color:#888888" class="">Sarah Squire<o:p class=""></o:p></span></p>
</div>
<div class=""><p class="MsoNormal"><span style="color:#888888" class="">Engage Identity<o:p class=""></o:p></span></p>
</div>
<div class=""><p class="MsoNormal"><span style="color:#888888" class=""><a href="http://engageidentity.com/" target="_blank" class=""><span style="color:#1155CC" class="">http://engageidentity.com</span></a><o:p class=""></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div><p class="MsoNormal"><br class="">
<br class="">
-- <o:p class=""></o:p></p>
<div class="">
<div class="">
<div class="">
<div class=""><p class="MsoNormal"><o:p class=""> </o:p></p>
<div class=""><p class="MsoNormal">Adrian Gropper MD<br class="">
<br class="">
<span style="font-family:"Arial","sans-serif";color:#1F497D" class="">RESTORE Health Privacy!<br class="">
HELP us fight for the right to control personal health data.<br class="">
DONATE: <a href="http://patientprivacyrights.org/donate-2/" target="_blank" class=""><span style="color:#0563C1" class="">http://patientprivacyrights.org/donate-2/</span></a></span>
<o:p class=""></o:p></p>
</div>
</div>
</div>
</div>
</div><p class="MsoNormal"><o:p class=""> </o:p></p>
</div>
</div>
_______________________________________________<br class="">Openid-specs-heart mailing list<br class=""><a href="mailto:Openid-specs-heart@lists.openid.net" class="">Openid-specs-heart@lists.openid.net</a><br class="">http://lists.openid.net/mailman/listinfo/openid-specs-heart<br class=""></div></blockquote></div><br class=""></div></body></html>