Consumer ID & Authentication

Focus: Advancing implementation of the NIST Identity Assurance Level 2 (IAL2) and Authenticator Assurance Level 2 (AAL2) guidelines in health care

Work in Development: An open source framework for federating trusted Identity Assurance Level 2 (IAL2) certified credentials across health care organizations using a person-centric approach which leverages biometrics and mobile technologies.

CARIN Resources

CARIN Health Care Digital ID Summit

A cross-section of industry leaders from both inside and outside health care met to discuss how to digitally identify individuals across systems without the need for portals in Washington, D.C. as part of a digital identity summit on June 4th. Participants discussed how to improve the exchange of data across systems leveraging a person’s individual consent preferences and the use of Fast Healthcare Interoperability Resources (FHIR) application programming interfaces (APIs). The group highlighted best practices and open standards for securely identifying, authenticating, and matching individuals to their health information across multiple health plans, providers, and health information exchanges (HIEs) in a trusted way with consumer consent.

CARIN ID Proofing White Paper

The CARIN ID Proofing White Paper introduces health care organizations to the importance of identity assurance through ID proofing individuals using the NIST guidelines.

Other Resources on ID & Authentication

Collecting Patient Attributes

National Association of Healthcare Access Management (NAHAM)

  • NAHAM provides a set of best practices, developed by the professional association of patient registrars, for better collecting key patient data attributes.

 

Patient Matching

Pew Charitable Trusts

 

Digital Identity and Authentication Guidelines

NIST

ONC FAST Solutions

 

User Authentication

FIDO Alliance

The FIDO Alliance uses an open, universal two-factor authentication standard (combination of your finger’s biometric and a cryptographic key built into the hardware in your phone) to eliminate the need for user names and passwords on the internet. See their resources:

 

Trust & Federation

The third-party certifiers that independently verify identity providers and their processes.

Kantara Initiative

Direct Trust

UDAP

SAFE Identity