Identity, Privacy, and the Quest for Scalable Trust: A Series

By Scott Stuewe, DirectTrust President and CEO
X: @DirectTrustorg
X: @StueweScott
LinkedIn: Scott Stuewe
This is an introduction to a 6-part series.

The business of identity, particularly in healthcare, is evolving rapidly, especially in light of the “app economy”. The COVID-19 outbreak has also raised the tenor of the discussion.

With the ONC’s Information Blocking Rule calling for patient records to be available to the patient through an “app of their choosing”, concerns have emerged about whether the user is actually the patient whose records are being retrieved, and more broadly, what could happen to this data after the patient retrieves it.

Once in the app, the data is free from the privacy protections provided by HIPAA. While many like American Medical Association board chair Jesse Ehrenfeld have offered that pitting privacy protections against access is a “false dichotomy”, a real tension is developing between the notions that individuals should have an expectation of privacy and an alternative view that the collection of “big data” is so important (and valuable) it must be done even at the expense of such privacy.

Also, as patient matching (the task of matching medical records from multiple sources) remains a stubborn, unsolved problem plagued by a 20%+ error rate, two diametrically opposed approaches to “resolving identity” are gaining traction. Identity sovereignty, which starts by identity-proofing individuals and building privacy of data and control of identity into systems can be seen in sharp contrast with identity surveillance. The latter model involves inferring who we are with great accuracy as long as a substantial amount of information is available on us.

Increasingly, a great deal of personal data is accessible, even sensitive data, for free or for purchase on the web. The collection and use of data for these purposes is probably completely legal, but both the public-at-large and lawmakers are beginning to wonder if there should be more regulation in this arena to guard against wholesale breaches of personally identifiable data (PII), both inside and outside of healthcare.

As the COVID-19 crisis has accelerated there have been calls for a relaxation of privacy protections so that data can be more freely accessed. We need to be very careful as we consider this – it is toothpaste that we can’t put back in the tube.

Meanwhile in the healthcare community, increasing attention is being paid to the identity of provider organizations, caregivers, and patients as they exchange healthcare data. Indeed, many cybersecurity experts agree, the core aspect of a Zero Trust Architecture is trust-in-Identity. Trust-in-identity is all about knowing and trusting who you interact with in cyberspace.

Without knowing with certainty who is on the other end of the line it is impossible to claim that any healthcare transaction or communication is secure.

Our organization’s lifeblood is trust. As a non-profit that instills trust-in-identity, we enable secure health data exchange between millions of providers and provider organizations. The DirectTrust network, built with privacy and security in mind, starts by identity-proofing participants in health information exchange – even when those participants are patients.

Our trust framework sets rules according to federal guidelines and we accredit multiple operating authorities to ensure both scalability and compliance. The standards-based protocol our members deploy also secures and encrypts messages in such a way that only the intended recipient can decrypt the message.

DirectTrust was launched as a not-for-profit trade association in 2012 to support trusted health information exchange and was funded in part for a few years by a cooperative agreement with the Office of the National Coordinator of Health Information Technology. Once DirectTrust was in place, the market grew to trust that the Direct Secure Messaging users in our community were assured to be who they say they were, and traffic on the network surged and continues to increase to this day. Since this beginning, 1.4 billion transactions have been sent and received – in 2019 we tracked 67+ million a month, ending the year with over 811 million messages sent and received.

As identity is a persistent issue in healthcare today, we’re deploying a series to further investigate trust-in-identity ideas and possible solutions.

As this series progresses, we will review:

  • how the DirectTrust community operates and how Direct Secure Messaging is different (more convenient and more secure) than mere encrypted email.
  • how trust-in-identity is established generally and why it is needed for the confident transmission of sensitive data like medical records.
  • identity-proofing in more depth, including how it has become more difficult as traditionally used identity information becomes public, degrading its value as evidence.
  • the relationship patient-matching has to identity.
  • “bring-your-own identity” and decentralized identity approaches, and how they are used in in other industries and countries to simultaneously enable identity, interoperability, transparency and consent.

In the series conclusion, we will explore a standards-based approach which could be deployed in US Healthcare in cooperation with other industries, even in the absence of government funding or mandates. The series conclusion imagines a model not unlike the DirectTrust network – built with privacy, security, and transparency in mind. The model will propose a “multi-player-game” which allows society to leverage the many participants in healthcare information exchange today, supporting the flow of information and analytics without compromising an individual’s identity or the privacy of their personally identifiable data.

This post is part of a series examining trust-in-identity. Join us for the next post where we examine scalable trust in identity to enable secure data exchange.

This article was originally published on the DirectTrust blog and is republished here with permission.