Initiatives focus on health care, state government and the IoT
28 December, 2015
NSTIC Pilot: HealthIDx
Providing federated identity in health care
The catalyst for the HealthIDx pilot is ensuring the security and privacy of electronic health records – both to provide patients and caregivers with fast access and, at the same time, to protect the records from theft by cyber criminals.
HealthIDx provides cloud-based, high-assurance identity and access management services. It was founded in April 2015 as a spinoff of ID.me – a digital identity network that enables consumers to prove who they are online while controlling how their information is shared. ID.me was awarded an unrelated NSTIC grant in 2013.
“We’re in the business of issuing trusted identity credentials for the healthcare industry,” says Scott Lowry, founder and CEO of HealthIDx. “We would like to be, if you will, the VISA for identity in health care.”
HealthIDx sees the industry moving toward a federated identity model with health care providers relying on trusted credential service providers and identity brokerage services. What’s missing, according to the HealthIDx pilot proposal, is protection of the end-user’s data at all stages of the brokerage process and subsequent data exchange. Currently, HealthIDx sees the risk of exposing end-user identities and health information to unauthorized individuals as significant.
“Identity in health care relies much on the concept of federated identity,” Lowry says. “For federated identity to work, individual identity credentials must pass through something known as a trust broker. This trust broker bridges the gap between various identity providers who issue credentials and various relying parties who accept those credentials prior to providing the service.”
The HealthIDx pilot proposes to deliver a privacy-enhancing technology that protects patients’ identity and information in this process. The project will pilot a “triple blind” technology, effectively blinding the identity broker by providing a secure key exchange protocol. The protocol, facilitated by the identity broker, will enable identity providers and relying parties to exchange session keys that remain confidential from the broker.
In traditional models, the identity provider and relying party don’t know anything about each other, but the trust broker sees both sides of the transaction. The goal of the pilot is to blind the broker to that transaction as well, because there are privacy and security concerns around the broker having knowledge of these transactions and possibly misusing confidential information.
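The idea of a broker that relays a key exchange without learning the key can be illustrated as follows. This is an added example, not the pilot's protocol (the article does not specify it): it assumes a Diffie-Hellman exchange over a toy group, a toy stream cipher, and hypothetical names (`Party`, `Broker`, `run_exchange`).

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman group so this runs on the standard library alone; it is
# far too small for real use (assumption: a deployment would use X25519 or similar).
P, G = 2**127 - 1, 3

class Party:
    """Identity provider or relying party holding a fresh ephemeral secret."""
    def __init__(self):
        self._x = secrets.randbelow(P - 3) + 2
        self.public = pow(G, self._x, P)

    def keys(self, peer_public):
        # Derive separate encryption and MAC keys from the shared DH value.
        shared = pow(peer_public, self._x, P).to_bytes(16, "big")
        return (hashlib.sha256(b"enc" + shared).digest(),
                hashlib.sha256(b"mac" + shared).digest())

def keystream_xor(key, data):
    """Toy stream cipher: XOR data with SHA-256(key || block offset) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

class Broker:
    """Relays values between the two sides and records everything it sees."""
    def __init__(self):
        self.seen = []

    def relay(self, label, value):
        self.seen.append((label, value))
        return value

def run_exchange(assertion):
    idp, rp, broker = Party(), Party(), Broker()
    # Each side's public value travels through the broker, never directly.
    enc_i, mac_i = idp.keys(broker.relay("rp public", rp.public))
    enc_r, mac_r = rp.keys(broker.relay("idp public", idp.public))
    # Identity provider encrypts and authenticates the assertion.
    ct = keystream_xor(enc_i, assertion)
    tag = hmac.new(mac_i, ct, hashlib.sha256).digest()
    # Relying party receives both via the broker, verifies, then decrypts.
    ct_r, tag_r = broker.relay("ciphertext", ct), broker.relay("tag", tag)
    if not hmac.compare_digest(tag_r, hmac.new(mac_r, ct_r, hashlib.sha256).digest()):
        raise ValueError("assertion was modified in transit")
    return keystream_xor(enc_r, ct_r), broker.seen, (enc_i, mac_i)
```

This models a broker that relays honestly but reads everything it handles; a broker that substitutes the public values could still place itself in the middle, so a real design must also authenticate the exchanged values.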
HealthIDx intends to carry out two proofs of concept after the initial research and design phase. The first enables a health care system to trust a federated credential that is unknown to the health care system. According to the technical proposal for the pilot, the credential will be certified to an equivalent or greater level of assurance than the health care system requires and will be trusted as part of the trust fabric implemented in the pilot. The HealthIDx trust framework will provide the business, legal and technical requirements by which participants will abide.
The second proof of concept concerns interoperability between government and financial institutions. A user with a government-issued credential from an identity provider could use that credential in a commercial setting without being tracked across the ecosystem. HealthIDx will also promote interoperability with financial institutions plagued by privacy and government regulations that impose barriers to their participation as an identity provider.
“This is, at the end of the day, a proof of concept to demonstrate that this technology can in fact be implemented and it is possible to blind the broker. It will then be up to the commercial marketplace to determine if this is something that is really needed and implement it in every instance of the trust broker,” Lowry says. “I think the federal government has indicated that it has a need for this type of technology, but whether it goes beyond the federal government remains unclear.”
HealthIDx will carry out two proofs of concept. The first enables a health care system to trust a federated credential that is unknown to it, while the other tests interoperability of credentials between government and financial institutions.
The grant award is $1.6 million over two years, and the pilot includes several partners:
- Hydrant ID is a provider of digital identity and advanced authentication services for securing data and systems as well as e-commerce transactions.
- Covisint is a technology company and cloud platform provider.
- SafeMashups was started in Silicon Valley by security industry veteran Ravi Ganesan, who is chief architect of the pilot proposal.
The partners will work to provide technology to the Identity Ecosystem that balances transactional anonymity while enforcing the trust framework’s secure, interoperable identity and attribute validation. “This notion of blinding the broker has been around as a concept, and a desire, for some time,” Lowry says. “I think we should all be thankful that the government has finally stepped up and said let’s take this from theory to reality and see if it really can be made to happen.”