Thursday Dec 10, 2009

Federated Identity for Electronic Medical Records

Many thanks to my good friend Jonathan Gershater for sending me the link to another excellent post about Identity and Healthcare.  I particularly like his illustration of using Federated Identity to facilitate trusted exchange of medical records between different medical service providers. 

A user of any (Healthcare) ServiceProvider, who has been issued a digital identity by the trusted IdentityProvider, may seamlessly interact with the healthcare providers (SPs). The user will present the digital identity issued by the IdP, the SP will verify the Identity, and the user will be granted access to the Service Provider’s application. However, based on the user’s attributes and role, the functionality available to the user will vary.  A physician may alter a medical record but only within their specialty ( a dermatologist cannot alter a prescription for spectacles). A pharmacist may view but not alter the prescription for insulin in a healthrecord.  A patient may only view but not alter their medical record.

Federated Identity for Electronic Medical Records

Identity Enables NHIN or Health Internet

Jonathan Gershater recently published an interesting blog post exploring the conceptual differences between the National Health Information Network (NHIN) infrastructure, “a collection of standards, protocols, legal agreements, specifications, and services that enables the secure exchange of health information over the internet,” and an alternate approach known as the Health Internet, “an open-market standards-based approach to enable the exchange and sharing of electronic health data, using existing Internet standard protocols and web technologies.”

Jonathan referenced two informative posts on The Health Care Blog and Practice Fusion’s blog.  I’m still trying to wrap my mind around the significance of these two architectural directions, but it certainly appears that Identity is a critical part of the solution, regardless of what alternative approach or derivatives thereof may emerge.  Any Electronic Health Record (EHR) system must be based upon secure, flexible and scalable Identity Management system.

Thank, Jonathan, for the excellent reference.

About

Discovering Identity was founded on blogs.sun.com in May 2005 as a means of documenting my exploration of the field of Identity and Access Management. In February, 2010, I switched to hosting the blog at DiscoveringIdentity.com. In March 2012, I began posting Oracle-related information in both places.

Thanks for stopping by.

Please connect with me in cyberspace at LinkedIn or Twitter.


The views expressed on this blog are my own and do not necessarily reflect the views of my employer, Oracle Corporation, or any other person or organization.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today