www.directtrust.org 1101 connecticut ave nw, washington, dc 20036 1:00 pm edt, october 3, 2014 ...
Post on 21-Dec-2015
218 Views
Preview:
TRANSCRIPT
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 1
DirectTrustAll Members Meeting
1:00 pm EDT, October 3, 2014
https://global.gotomeeting.com/meeting/join/930802605
(626) 521-0013 -- 930-802-605#
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 2
Agenda
• Welcome and new member greetings• DTAAP, industry update, and news from members.• Presentation from MiHIN– “Identity Exchange Hub: Trusted Provider and Consumer
Identities”
• Workgroup updates• Open discussion and comment
“You are the most trusted names in Healthcare Exchange”
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
DirectTrust Members142 and Counting…..
33
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 4
DirectTrust Members142 and Counting….
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 5
New Members
• Prosocial Applications, Inc
• IOS Health Systems
• Ready Computing Inc
• HealthBridge
• RazorInsights, LLC
• Sujansky and Associates, LLC
• HealthShare Exchange of Southeastern Pennsylvania, Inc
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 6
Renewing Members
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 7
Newest Accreditations
• Health Companion• RelayHealth• Axesson
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Facts and figures, August, 2014
8
145 member organizations Coop Agreement extended another year 20 fully accredited and audited HISPs, 13
CA/RAs 20 candidate status HISPs, 2 CA/RAs 37 HISPs in trust anchor bundles 50+ HIEs and 250+ certified EHRs supported 29,000 health care organizations supported 420,000+ Direct accounts/addresses
provisioned 8 million Direct messages past 13 months 450,000 Direct messages for Stage 2
Meaningful Users in month of July, 2014
DorectTrust Network
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 9
Identity Exchange Hub
Trusted Provider and Consumer Identities
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 10
Why are we doing this?
• Improve identity verification to reduce fraud
• Leverage and use the identity proofing processes of other trusted organizations
• Reduce IT staff workload (fewer account creations)
• Reduce number of IDs and passwords for providers and participants
• Improve security through standard processes
• Leverage State’s investment in Michigan Identity Credentialing and Access Management (MICAM)
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 11
Creation of the HICAM Federation
HICAM FederationIdentity Exchange Hub
Health Systems
Qualified Organizations
Direct Secure Messaging
HISPs
Statewide Health Provider
Directory
State of Michigan MICAM
F e d e r a ti o n P a r ti c i p a n t s ( p r o v i d e r s )
Protocols Policies Practices
HealthPlans
Consent and AdvancedDirectiveRegistries
Gift of Life Registry (organ
donors)
Health Identity Credentialing and Access Management (HICAM) federation is an alliance of organizations who agree to abide by a common set of protocols, policies and practices (the three P’s)
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 12
Creation of the HICAM Federation
HICAM FederationIdentity Exchange Hub
Personal Health
Records(PHRs)
Medicaid Member Portal (MyHealthPortal)
Direct Secure Messaging
HISPs
Statewide Consumer Directory
State of Michigan MICAM
F e d e r a ti o n P a r ti c i p a n t s ( c o n s u m e r s )
Protocols Policies Practices
Patient Portals
AdvancedDirectiveRegistries
ConsentManagementSystems for
standard behavioral health
consents
Health Identity Credentialing and Access Management (HICAM) federation is an alliance of organizations who agree to abide by a common set of protocols, policies and practices (the three P’s)
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 13
Trusted, federated identities for healthcare
Federated Identity Management (FIDM) in general consists of:
PROTOCOLS: The technical connectivity between systems• Expand Single-Sign-On (SSO) across organizational boundaries• Standards include OASIS, SAML 2.0, XACML• NIST 800-63 Levels of Assurance (LOA)
POLICIES: Legal and Trust Framework development• Legal agreements establishing “trust beyond reproach”• Federated Sharing Organization Agreement (FSOA) • Use Case Agreements (UCAs)
PRACTICES: Process implementation• Process workflow – precise series of steps• User Acceptance Testing (UAT)• Monitor the process – end to end walk through with participants
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 14
Protocols: Technical and Logical Connectivity
Currently connected Service Providers (for providers):– Beaumont Hospital – MiHIN Biometric LOA 3 Identity Provider– MiHIN Active Directory Identity Provider– Statewide Health Provider Directory (HPD) (Salesforce.com)– Direct Secure Messaging HISPs
Planned Service Providers for consumers:– Personal Health Records (PHRs) and Patient Portals
• MS-Healthvault• NoMoreClipBoard• Patient portals determined by Health Systems
– Consent and Advanced Directive Registries• Gift of Life Registry (organ donors)• Peace of Mind registry (living wills, DNRs, durable powers of attorney)• Standard Consent Management Systems (CMS)
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
LOA 3 Identity Registration System and Identity Provider
• Created an Identity Provider (IdP) capable of registering LOA 3 credentials for the HICAM federation
• Setting up identity proofing processes at USPS retail locations, Secretary of State offices and onsite at other health systems/plans (e.g. Beaumont Hospital)
15
First Provider, Dr. Robert Jackson registering for LOA 3 with biometric
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Biometrics as Second Factor
16
Fujitsu Palm Scanners
Iris Scanners
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 17
USPS Digital Credential Process
MiHINIdentity
Registration
Step 1 Provider presents credentials to passport clerk at USPS retail outlet passport window(or Secretary of State, other sites)
Step 2Obtain secure biometric identity by scanning palm and/or iris
Step 3 Register provider and link biometric template to provider account information
Step 4 Digital credential created.
Palm/iris scanner can now be used to login, or secure id and password can be used
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Identity Registration Screens
18
Welcome to trusted identity enrollment
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Confirm Person (HPD lookup)
19
John.williams@direct.mihin.org
Statewide Health Provider Directory query results
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Confirm Person (verify ids)
20
Identity Proofing
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Select Biometric Form Capture
21
Picture alternately could be utilized for facial recognition in the future
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Capture Palm
22
John.williams@direct.mihin.org
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Registration Completed
23
John.williams@direct.mihin.org
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036
Provider & Consumer Use Cases
Use Case for Identity Providers (IdPs): • Many health systems and health plans (including Medicaid) will stand up their own Identity
Providers (IdPs)• Provide the trusted identities that Identity Exchange Hub federates• IdPs must conform to HICAM Protocols from Implementation Guide
Use Case for Service Providers (SPs): • Service Providers under HICAM consist of services such as:
– Direct HISPs– Statewide Health Provider Directory– EHRs– Health and Medicaid systems inside state firewalls via MICAM– Health registries outside state firewalls such as:
• Peace of Mind (Advance Directives e.g. Living Wills)• Gift of Life (Organ donors)• Consent registries (standard consents at CMHs, clinical trial consents)
• Trusted identities from an IdP can be used for SSO between SPs• SPs must conform to HICAM Protocols from Implementation Guide
24
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 25
Thank you
Please send questions/inquiries to:
Jeff Livesay – Associate Directorlivesay@mihin.org
Brian Seggie – Director of Securityseggie@mihin.org
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 26
Workgroup Reports
• Patient and Consumer Participation in Direct – Lucy Johns and Leslie Kelly Hall
• Directory Policy – Bruce Schreiber and Jim Fisher• Security and Trust Compliance – Luis Maas and Jeff McDonald• Trust Anchor Bundle Operations – Greg Meyer• Certificate Policy and Practices – Don Jorgenson • Clinical Transitions of Care – Holly Miller and David Kibbe
www.DirectTrust.org1101 Connecticut Ave NW, Washington, DC 20036 27
Discussion
David C. Kibbe MD, President and CEO DirectTrust.orgDavid.Kibbe@DirectTrust.orgkibbedavid@mac.com913.205.7968
Lucy Johns, MPHIndependent Consultant ljohns@metacosmos.org
top related