Authenticated Medical Identity
21
Good Health Network Controlling Your Identity Safe Guarding Your Privacy October 2009 Trusted Solutions for Identity Management Authentication and Access Control
-
Upload
jahn-associates -
Category
Documents
-
view
224 -
download
0
description
GHN is a CA or Certification Authority with a specific focus on healthcare. A CA is defined as a trusted entity that issues and/or revokes any public key certificate which is a digital file issued and digitally signed by the private key of a certification authority that binds the user name to a public key. The user is identified in the certificate as the one who has sole control and access to the private key.
Transcript of Authenticated Medical Identity
Good Health Network
Controlling Your IdentitySafe Guarding Your Privacy
October 2009
Trusted Solutions for
Identity Management
Authentication and
Access Control
Market Demand for Trusted Identities GHN – Credentials Service Provider
INDUSTRY NEEDS FOR e-AUTHENTICATION IDENTITY SERVICE
HealthCare Industry
Telemedicine, e-Visits, Secure CommunicationsHealth Information Networks – Consent Management
Corporate America and Technology Vendors
High security access and for confidential data sharingEmployee access and audit control for compliance
Telecommunication Industry
Hand held devices: PDA, Cell phonesFinancial Industry
Credit, debit and data cards; e-transactions and trades
It’s all about Authentication of Your ID
One Factor Authentication- Credit/Debit Cards- PIN or Zip Code
Purchase Types - Withdraw Money - Buy Goods or Services
It’s about your Identity, proving who you are electronically with Multi-Factor Authentication
CREDIT CARD: in-hand purchases
e-COMMERCE: Purchasing & Data Sharing
Something You KNOWSomething You HAVE
Something You ARE
Consumer Identities Are Mobile and In Many Forms
GHN’s Trusted Credentialing Solution A Sequential Validation e-Process
Proving Who You Are Electronically ID vetting phase
GHN’s Trusted Solution ID Vetting Phase
TrustedTrusted
ConsumerConsumerData RepositoryData Repository
Secure Data Links
SECURITY
SECURITY
Your Authenticated ID Consent Documents
Electronic Health Record’sElectronic Health Record’s ER Personal Health RecordsER Personal Health Records
VPN
INTERNETINTERNET
Secure Internet Connectivity to Sharing Emergency Medical Data
Physician Hospital
Governance
er-Personal Health Record Demonstration Project
Stimulus Funds for Health IT Security, Privacy & Authentication
States to receive $560 Million to install a secure HIE network• Deploy a standards-based secure infrastructure to securely share
patients protected health information in 2010• Strong emphasis on Privacy and Security
• 70 not-for-profits to receive $590 Million starting early 2010 to train and educate doctors/staff on the Privacy, Security, Value of electronic health records and sharing that health data with patients
States to Receive $7.2 Billion in Broadband Funds
Health Information Exchange (HIE)
Regional Extensions to Train and Educate
ID Theft on the Rise with Internet
Increasing activities…… • e-Commerce; On-Line Banking• High Speed Bandwidth• Mobile Computing – Remote Access• Hot Spots – Enterprise Authentification• File Sharing – Mobil Signatures• Wireless/Remote Devices• Use of Digital Devices and Cell Phones• Need for Secure Communications• Requirement for Consent Management
Caution – Increases in……• Un-trusted Networks• Identity Theft
Need for an e-AUTHENTIFICATED IDENTITY
Think About TomorrowThink About TomorrowHow to selectively share informationHow to selectively share information
How will you electronically:- Protect your Identity and Privacy?- Control and Share Personal - Sensitive Information?
Establishing Preferences to Share Personal Data
Mandated RequirementsMandated Requirements forfor H I E’s H I E’s
CONSUMER PREFERENCES..…..coming in 2010:
• You MUST Prove who you are electronically– Need to ‘Opt In’ to Securely Share Protected Health Information (PHI)– Will enhance Privacy, Security and Public Trust
• CONSUMERS will Authorize Access, Grant Permissions and Circumstances on sharing PHI– Can your PHI be shared during an emergency or regional disaster?– What PHI should not be shared ?– Do you have a signed Consent or Advanced Directive such as a DNR
or Organ Donor form?
Creating Trusted PreferencesCreating Trusted PreferencesWho Can See What Data and WhenWho Can See What Data and When
EVENT:
• Enrollment & ID Vetting……….
DESCRIPTION, ACTION DATA TYPE:
• User ID conformation and attribute profile generated
Creating Trusted PreferencesCreating Trusted PreferencesWho Can See What Data and WhenWho Can See What Data and When
EVENT:
• Enrollment & ID Vetting……….
• Secure Message envelope created………………………….
DESCRIPTION, ACTION, DATA TYPE:
• User ID conformation and attribute profile generated
• User Originates, Designates recipient, selects restricted data and Authorizes Message
Creating Trusted PreferencesCreating Trusted PreferencesWho Can See What Data and WhenWho Can See What Data and When
EVENT:
• Enrollment & ID Vetting……….
• Secure Message envelope created………………………….
• Physicians and care givers Trading Partners & Customers Family/Friends/Social Networks
DESCRIPTION, ACTION, DATA TYPE:
• User ID conformation and attribute profile generated
• User Originates, Designates recipient, selects restricted data and Authorizes Message
• Recipient name, title, email addressOrganization name, date and time limits, Data Use Restrictions and Access Controls
Creating Trusted PreferencesCreating Trusted PreferencesWho Can See What Data and WhenWho Can See What Data and When
EVENT:• User Authorizes Consents to
share Sensitive Data based on expressed Personal Preferences and possibly conditioned on a specific event such as an emergency
• Electronic Communications
DESCRIPTION, ACTION, DATA TYPE:• Personal Data Types with Preferences
- Emergency & Personal Health Data- AIDS, HIV OR Mental Health Data- Substance OR Child Abuse- Advanced Directives - Genetic Data OR Personal Confidential Information- Financial & sensitive corporate data- Marketing & Education material
e-Verification and Auditing
18
Application DocumentsApplication DocumentsActual ExamplesActual Examples
Authenticated ID Document
Consumer Preference Document
Sources & Uses
Source: $2,500,000 - $3,000,000 - Series D Preferred Convertible - Voting Stock Uses: Working Capital - Staff / Overhead - Enhance Product Security - Technology Upgrade - Certification - Product Commercialization - Marketing / Business Development - Launch three to five pilot projects
20
Patent - National Involvement Prototype Value Created
• PATENT PENDING re Creation of Health Information Database and Secure Access System, Process and Methods incorporating various forms of security including, voice, fingerprint, digital signatures
(Patent Attorneys: Allen, Dyer, Doppelt, Milbrath & Gilchrist, PA)
• NATIONALLY INVOLVED for 15 years in Security and Privacy Standards related to healthcare, currently co-chair a Consumer Preference work group and have Strategic and Trusted relationships nationally with market leaders in multiple industries
• FUNCTIONAL PROTOTYPE application ready to be commercialized for pilot testing…..has generated revenue
Thank YouThank You
GHN’s Authenticated IDA Trusted Management Solution
Jim [email protected]@ghnet.us
407-629-0304 ext 105407-629-0304 ext 105
