Liberty Alliance Health Identity Management SIG
Global Interoperability and Patient Privacy Focus of New Liberty Alliance Health Identity Management Group
Liberty Alliance Launches Public Special Interest Group to Enable an Internationally Interoperable Healthcare Identity Management and Information Exchange System
Orlando, Florida, USA. February 22, 2008.
Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today announced the launch of a global public forum formed to develop an interoperable, secure and privacy-respecting information exchange system for the healthcare sector.
The Liberty Alliance Health Identity Management Special Interest Group (HIM SIG) is leveraging the Liberty Alliance model of addressing the technology, business and privacy aspects of digital identity management to meet the unique identity management and regulatory challenges facing the international healthcare industry today.
Co-chaired by John Fraser, CEO, MEDNET USA and Pete Palmer, Security and Cryptography Architect, Wells Fargo, the group currently includes over 30 members from around the world representing the education, government, healthcare and technology sectors. Members are working to address how the healthcare industry will deliver secure identity management solutions that meet global regulatory mandates and ensure patient privacy.
The public group is working closely with the Liberty Identity Assurance Expert Group to ensure requirements for standardized and certified identity assurance levels in the healthcare sector meet criteria established in the policy-based Liberty Identity Assurance Framework.
"Liberty's proven interoperable technologies and standardized policy frameworks make it easier for healthcare organizations to protect sensitive data, meet compliance mandates and put patients in better control of their identity information," said Fraser. "The Health Identity Management group is a significant opportunity for individuals and organizations to come together and participate in the development of an interoperable, secure and privacy-respecting international healthcare exchange system."
About the HIM SIG
The public HIM SIG expands the work of the Liberty Alliance eHealth SIG and is designed to foster collaboration among Regional Health Information Organizations (RHIOs), Health Information Exchanges (HIEs) and all organizations interested in driving an internationally interoperable healthcare identity management and information exchange system.
The HIM SIG is working with healthcare organizations worldwide and leveraging the work of Liberty's four global Expert Groups and numerous Special Interest Groups to ensure broad industry participation. Information about Liberty's membership structure and Expert and Special Interest Groups is available, as well as information about the HIM SIG.
From the Liberty Health Identity Management SIG Charter
HIM SIG Description and Goals: The Health Identity Management SIG offers members an opportunity to join with other Liberty Alliance Members (regardless of membership level) to recommend standards to enable an internationally interoperable health care identity management and information exchange system. This may includes standard directory (LDAP) models, health care roles, implementation guides, and similar recommendations.
The goal of this activity is to engage the broadest member participation across Liberty Alliance to facilitate adoption of Liberty protocols and specifications by the healthcare industry, worldwide.
Specific goals of this group are to:
- Review existing standards, and recommend new standards for an interoperable health care identity management system using Security Assertion Markup Language (SAML) and Liberty Specifications
- Review and recommend a set of health care roles that can be used for role based access control requirements
- Review and recommend directory architecture to enhance interoperability
- Work to encourage the development of a reference implementation, using open source solutions
- Review and recommend simple APIs that are sufficiently simple to allow multiple vendors to participate in this system
- Reach out to other appropriate groups to invite participation
- Educate the health care community on the principles of standard identity management, its goals and benefits of such a system; also work to ensure the education uses common terms, cross-referenced between 'vendor-specific' concepts and Liberty standards
- Educate the community on how the system should operate and how such a system should function
- Contribute best practices to the appropriate Liberty Alliance Expert Groups for standardization consideration. This SIG recognizes a special need to coordinate with the Identity Assurance Special Interest Group (IASIG), the Identity Assurance Expert Group to ensure harmonization with their efforts to extend the original Trust Framework work of the EAP (Electronic Authentication Partnership), the Credential Assessment Framework of the US E-Authentication Initiative, and other industry contributions, into a harmonized, best-of-breed industry standard.
- Review and recommend adjustments to approved specifications as the system develops to ensure reliability, security and privacy
- Work with the vendor community to ensure interoperability between systems
See also the SIG-HIM List Archives.
[Press release source]
Prepared by Robin Cover for The XML Cover Pages archive. See also "Liberty Alliance Specifications for Federated Network Identification and Authorization."