Identity Standards - Damon Berry


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Identity Standards - Damon Berry

  1. 1. Damon Berry HISI 2011 Health Identity Standards and Specifications TeaPOT , School of Electrical Engineering Systems, DIT. http://
  2. 2. Introduction <ul><li>Some identity definitions </li></ul><ul><li>Demographics models / trait sets </li></ul><ul><li>Standards for identity matching </li></ul><ul><li>Gaps in standardisation </li></ul>
  3. 3. Matching concepts EN13606 Access Control (PMAC) “ entity” attester subject committer IXS entity … entity principal policy document role act authentication Policy management authorisation audit Privilege management Principal management Access control management
  4. 4. Background terms <ul><li>Definition </li></ul><ul><ul><li>Identifier </li></ul></ul><ul><ul><li>Trait </li></ul></ul><ul><ul><li>Identity </li></ul></ul><ul><ul><li>Identity domain </li></ul></ul>Identifier Identifier Trait Trait Trait Trait Trait Trait Identity Domain Identity (trait set +,…)
  5. 5. Primary identifiers – assigned at a national level <ul><li>Individual Healthcare Identifiers (IHIs) </li></ul><ul><li>Healthcare Provider Identifiers – Individual (HPI-Is) assigned to healthcare professionals </li></ul><ul><li>Healthcare Provider Identifiers – Organisation (HPI-Os) assigned to organisations where healthcare is provided . </li></ul>
  6. 6. Demographics models
  7. 7. Identity cross reference service(OMG/HL7)
  8. 8. Standardised trait sets for people and organisation ISO/TS 22220:2009 Health Informatics - Identification of subjects of health care ISO/TS 27527:2010 Health informatics - Provider identification
  9. 9. EHRcom Demographics Model
  10. 10. Commonly occurring features in demographic models <ul><li>“ Identified entity” </li></ul><ul><li>Data types </li></ul><ul><li>Trait – trait part </li></ul><ul><li>Validity time </li></ul><ul><li>Role </li></ul>
  11. 11. Gap 2 - Identity of other types of entities <ul><li>Samples / specimens </li></ul><ul><li>Orders </li></ul><ul><li>Episode </li></ul><ul><li>Instrument (there already) </li></ul><ul><li>Omic entities </li></ul>
  12. 12. Secondary identifiers in the EHR <ul><li>Lab number </li></ul><ul><li>Sample / Specimen Number </li></ul><ul><li>Order Number </li></ul><ul><li>Episode ID </li></ul>
  13. 13. Gap 3: turning local identifiers into global ones (just to uniquely identify - not to link entities) <ul><li>Three approaches </li></ul><ul><li>OIDS </li></ul><ul><li>UUIDs </li></ul><ul><li>URIs </li></ul>
  14. 14. ISO Object Identifiers (OIDs) <ul><li>a standardised identification scheme. </li></ul><ul><li>developed in 1985 now widely used in the standards community. </li></ul><ul><li>Each OID forms a node in a tree. </li></ul><ul><li>The arcs (edges or branches) between nodes in tree are numbered and can also be associated with an alphanumeric identifier. </li></ul><ul><li>Some examples of different OID notations. </li></ul><ul><ul><li>Numeric form 2.16.382.1 </li></ul></ul><ul><ul><li>Alphanumeric form {joint-iso-itu}.{country}.{ire}.{organisation}. </li></ul></ul><ul><ul><li>URN notation urn:oid: 2.16.382.1 </li></ul></ul><ul><ul><li>IRI notation oid:/joint-iso-itu/country/ire/organisation </li></ul></ul>
  15. 15. OIDs ISO-ITU IRE HSE HRB CSO ESRI Acute Care Primary Care Patients HCPs Pharma SJH AMNCH Parklands MC Beamont MC UHIC. 123 UHCP. 123 5 million 3,000 800 120,000 Snomed-CT Drug A ?? Drug B International OIDs National OIDs
  16. 16. National OID repositories <ul><li>Germany </li></ul><ul><li>Switzerland </li></ul><ul><li>Spain </li></ul><ul><li>United Kingdom </li></ul><ul><li>Norway </li></ul><ul><li>… using Excel. </li></ul>
  17. 17. A better way, OID Resolution Protocol <ul><li>The OID resolution protocol (ORP), defined in a IEC work item will define the interaction between </li></ul><ul><ul><li>OID resolution client which sends an OID as part of a request and </li></ul></ul><ul><ul><li>OID resolution server which returns the OID information available at the corresponding node in the tree. </li></ul></ul><ul><li>Similar to the Domain Name Service. </li></ul>
  18. 18. UUID Universally Unique Identifier <ul><li>Formed by a series of 16 octets or a total of 128 bits or 32 hexadecimal digits (often separated in groups of four). </li></ul><ul><li>A new unique UUID could be created every 100 nanoseconds on every internet machine for the next 1600 years. </li></ul><ul><li>UUIDs can be registered in an OID registry. For example the OID 2.25 has been reserved as a registration authority for UUIDs. </li></ul>
  19. 19. Scope of the three types of unique identifiers . URIs UUIDs OIDs Registered UUIDs (in OID repository)
  20. 20. URI or Uniform Resource Locator <ul><li>A string that identifies a name or internet resource. There are two types of URI and a resource can be addressed by both types simultaneously. </li></ul><ul><ul><li>URL (Uniform Resource Locator) is a widely used type of URI that identifies and provides a means for retrieving an internet resource. </li></ul></ul><ul><ul><li>URN (Uniform Resource Name) is a mechanism for naming or finding a resource and associating meta-information with a name. The presence of a URN for a resource does not necessarily imply that the resource is available. A URN can be used to represent an OID. The joint ISO-ITU OID for Ireland in URN syntax is </li></ul></ul><ul><ul><li>urn:oid:2.16.382 </li></ul></ul>
  21. 21. Thank you [email_address]