Patient Identity and Matching

People and Operational Controls as Attack Vectors

By Kyle Neuman – Part 4 of 5. In the previous two blog posts of this series on identity credentials, we discussed identity proofing and authentication. This blog post will focus on an attack of the operational controls of an identity system. This is the third and final attack that we’ll consider for Risk Category 2, nefarious impersonation.


Stolen Authenticators

By Kyle Neuman – Part 3 of 5 – In a continuation of our Identity Credential Risk series, we focus on stolen authenticators. We previously outlined the difference between Identity Credentials and Unique Identifiers and risks of Identity Fraud, Impersonation, and Misissuance.




Identity and Patient Matching

By Scott Stuewe – Part 6 of 6 – As I mentioned in my introduction, patient matching doesn’t work terribly effectively today. The problem has its root in the identity challenges we have been discussing, although it is important to separate the patient matching challenge from trust-in-identity – these are related, but not congruent topics.


Resolving Identity and the Erosion of Privacy

By Scott Stuewe – Part 5 of 6 – As data about individuals becomes more readily discoverable, we need to take care not to allow the erosion of our privacy as we look to tackle identity and establish trust on the internet. As we create tools to identify people for the right reasons, we need to remain vigilant that we don’t lose control of all our personally identifiable information in the process.


Identity Proofing – I Yam What I Yam

By Scott Stuewe – Part 4 of 6: What makes us what we are? Who knows who we are? If you had to prove you are who you say, for the very first time, if you don’t have an ID already, how would you do it? My mother was there when I was born and could tell you it’s me, but she is no longer with us.


Trust, Identity, and the Internet

By Scott Stuewe – Part 3 of 6 – Trust can’t be legislated or manufactured. Trust is earned by demonstrating ongoing reliability. Trust isn’t taken on faith, and it can be lost in a moment when foundational conditions change. Facebook is less trusted now than it was before Cambridge Analytica.