Compartilhar via


Health identifiers

Microsoft Australia recently provided a submission to the Australian Health Ministers’ Advisory Council Healthcare identifiers and privacy: Discussion paper on proposals for legislative support.

The discussion paper provides a welcome opportunity to focus on this important area. I concur very much with the value proposition of unique provider identifiers for the broader challenge of delivering an integrated eHealth system, and recognise the very significant safety and quality values of identifiers for both patients and health professionals. However, I think it’s important to recognise that this infrastructure is not an essential pre-requisite for the deployment of personal-controlled electronic health records in Australia.

Indeed, we don’t think that the source of all data will be a health provider (for example blood glucose readings could be entered via a device, exercise data could be provided by a fitness coach, medication data could be delivered by an electronic prescription exchange). Microsoft’s experience in the rollout of the Healthvault person-controlled electronic health record, suggests that many data sources required for monitoring and coordination of care derive from sources outside traditional health providers and so reliance on a tightly defined set of providers via a centrally managed set of identifiers is likely to prove problematic. Naturally, requirements for creating and managing activities across providers and systems is still an ongoing requirement but the need to deploy a single, centrally managed ID to do this is not in our view a fundamental pre-requisite and in some cases may be a barrier to innovation.

In all cases where Identity has been traditionally required in the physical environment, the specific driver for that can be resolved back to the need to satisfy some “claim” in order to achieve some desired outcome. For instance, a drivers licence, although thought of as proof of identity, is in fact a token issued by a trusted authority (an Identity Provider) that validates the individuals claim to be able to lawfully drive on a particular state or territory road. Likewise a prescription is issued by a doctor to validate the patients claim to be able to purchase and consume particular medicine. In each case a discreet claim is made which requires a very specific set of data to be returned as proof by the Identity Provider. In the case of an online drivers license this could be a simple token with the individual’s photo binding the holder of the card with an image. Age, Name, Address etc can be absent from the card itself as these are able to be satisfied at the point of enrolment and need not be displayed on the card for subsequent use.

This is a fundamentally important point to note given the challenges presented by the Internet environment where correlation of data is achievable at scale and privacy can be deeply threatened through poor design and management of identity systems.

For health identifiers in Australia, the core tenets of this approach should be:

· The system must place the user at the centre of the interaction where possible ensuring consent and control over personally identifiable information flows.

· Disclose only the very minimum amount of information possible for a clearly constrained use

· Only involve those in the transaction who have a logical right to be involved

Microsoft has worked with the broader industry to refine these and has incorporated them into the design and deployment of its own technology offerings. When it comes to patient identification (and other parties that are not registered health professionals), we think that the strategy should incorporate existing internet-scale identity providers who are capable of providing standards based identity, such as OpenID.

I would also be interested of your views on this topic.

James Kavanagh, Health Solutions Architect, Microsoft Australia

Technorati Tags: health,identity,Healthvault,data,ehealth