Health Identity Management & Role-Based Access Control in a Federated NHIN - e-Auth Phase 3


Published on

Healthcare Identity Management and Role-based Access in a Federated NHIN - Session 170
Tuesday, April 7, 2:15 PM - 3:15 PM
Convention Center, Room:N 427 c
Richard Moore
John Frazer

The National Health Information Network requires secure connection of health organizations within and across state borders. Phase Three of the e-Authentication Pilot Project investigates open source and virtual server solutions to address this issue. Learn about the successes and challenges to this pilot project.

Published in: Health & Medicine, Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Richard Moore is the owner and president of DME Consulting Services. He has over 30 years experience with Healthcare Information Systems working with many public and private organizations. His broad-based knowledge of health information systems and operations comes from experience working directly with providers, payers, software manufacturers, electronic data interchange organizations, billing services, clearinghouses and government agencies. He is the current president of eHealth Ohio, Inc., a non-profit regional affiliate of the national standards development organization Workgroup for Electronic Data Interchange (WEDI). His primary WEDI focus is HIPAA X12 EDI transactions and he has participated as an author on WEDI testing whitepapers. He is an active participant in the Healthcare Information and Management Systems Society (HIMSS) and is the current Chair of the HIMSS RHIO Liaison Roundtable. He is also a member of the Board of the Central and Southern Ohio HIMSS (CSOHIMSS) Chapter and is the Chapter Advocacy Chairman and the RHIO Liaison for the State of Ohio. He is involved in the Healthcare Information Technology Standards Panel (HITSP) on the Security, Privacy and Infrastructure technical committee (SPI-TC). Also he is a founding member of the Liberty Alliance Health Identity Management Special Interest Group (HIM-SIG). The last three years he has been a project lead for the study on the use of the GSA e-Authentication model for the Nationwide Health Information Network (NHIN) focusing on electronic identity management, secure electronic health information exchange and federated single sign-on. John Fraser founded and is CEO of based in Minneapolis, Minnesota. is wiring up health care by providing Record Locator Services, security and privacy technologies and national connectivity to current and emerging health information exchanges. Prior to founding MEDNET in 2006, John Fraser was the co-founder and former CEO of VisionShare Inc, a company building a secure, national infrastructure for claims connectivity and Medicare billing services with over 50% of all U.S. hospitals using their software. Prior to VisionShare, John built MEDNET, a state-wide medical network in Minnesota at the Minnesota Health Data Institute. Prior to the Institute, John built a state-wide Cancer Surveillance system at the Minnesota Department of Health. John has also done stints at Honeywell and Control Data Corporations. John is the co-chair of the Health Identity Management Special Interest Group of the Liberty Alliance (HIM-SIG). John is an avid bicyclist, diver and swimmer, with an undergraduate degree from the University of Minnesota. John holds a private pilot’s license and a 1st degree black belt in Tae Kwon Doe Karate.
  • Health Identity Management & Role-Based Access Control in a Federated NHIN - e-Auth Phase 3

    1. 1. Health Identity Management and Role-Based Access Control in a Federated NHIN Model The e-Authentication Project Phase 3 Co-presenters: Richard Moore, President eHealth Ohio and John Fraser, CEO Presented to: HIMSS 2009
    2. 2. Abstract <ul><li>Nationwide Health Information Network (NHIN) requires the secure connection of health organizations within and across state borders. The e-Authentication Pilot Study Phase 2 concluded in the development of a healthcare specific configuration of a Shibboleth network architecture and the development of healthcare related directory objects for role-based authorization. </li></ul><ul><li>The technology was successfully demonstrated at the HIMSS 2008 IHE Showcase and is a part of the NHIN2. Phase 3 software improvements include Shibboleth 2.x and SAML 2.x for protocol, assertions and bindings. </li></ul><ul><li>Phase 3 expands supported services including; Record Location Services (RLS), proprietary Electronic Health Records (EHR), Personal Health Record Service (PHR) and Public Health Immunization Record Services. Also by incorporating virtual server technology Phase 3 reduces the time to implementation and ongoing administrative support of a network. </li></ul>
    3. 3. HIMSS description of benefits <ul><li>Primary Objective </li></ul><ul><li>The e-Authentication Project investigates open source, national/international standards and virtual server solutions to a secure NHIN. </li></ul><ul><li>Benefits </li></ul><ul><li>Audience will gain an understanding how Federal standards for Identity management and Authentication as defined by the GSA, NIST, ASTM, HL7, HITSP, IHE, OASIS, Internet2 and Liberty Alliance can be used by RHIOs for federated single sign-on. Learn how open source software developed by the International Internet2 project and funded by the National Science Foundation can be leveraged for role-based authorization by RHIOs. Learn how multiple state RHIOs can form a trust network that minimizes the burden on the user to securely access information. Learn how virtual server use can reduce the time to implementation and ongoing administrative support of a network. </li></ul>
    4. 4. Talk Outline <ul><li>The Vision </li></ul><ul><li>e-Authentication Project </li></ul><ul><li>Introducing Nationwide Health Information Network (NHIN) </li></ul><ul><li>NHIN Security Overview </li></ul><ul><li>Shibboleth introduction and recent projects </li></ul><ul><ul><li>Projects Phases 1-3 </li></ul></ul><ul><li>Federation and NHIN </li></ul><ul><li>A connected health care system </li></ul><ul><li>Phase 4 & Next Steps </li></ul>
    5. 5. The Vision <ul><li>Health information exchange is a pioneering effort </li></ul><ul><ul><li>Scouting Parties </li></ul></ul><ul><ul><li>Established Communities </li></ul></ul><ul><ul><li>Pioneering Settlers </li></ul></ul><ul><li>Established guidance and standards </li></ul><ul><ul><li>Federal Guidance – GSA, NIST, Agencies, ONC, HIPAA </li></ul></ul><ul><ul><li>Standards – HITSP, HL7, IHE, OASIS, X12, ISO </li></ul></ul><ul><ul><li>Solutions – Vendors, Open Source, Internet2 </li></ul></ul><ul><ul><li>Accreditation – CCHIT, Liberty IAF/IAG </li></ul></ul><ul><li>e-Authentication Project focus </li></ul><ul><ul><li>“Rough consensus, running code.” </li></ul></ul>
    6. 6. <ul><li>Who : HIMSS and The General Services Administration (GSA) </li></ul><ul><li>When : 2006, early 2007 </li></ul><ul><li>Purpose : Demonstrate federally approved authentication services </li></ul><ul><li>What : Pilot used Electronic Authentication Service Components established under Homeland Security Presidential Directive HSPD 12, Policy for a Common Identification Standard for Federal Employees and Contractors. </li></ul><ul><li>Pilot Participants : Seven Regional Health Information Organizations (RHIOs)/health information exchanges (IHEs) and ORC, Inc. Federal Certificate Authority. </li></ul>HIMSS/GSA eAuthentication Project
    7. 7. Phase 1 – 8 Participants - 2006 <ul><li>GSA: ORC, Inc. ACES Certificate Authority </li></ul><ul><li>CT: e-Health Connecticut </li></ul><ul><li>MI: Michigan Data Sharing & Transaction Infrastructure Project </li></ul><ul><li>TX: CHRISTUS Health, Health eCities of Texas Project </li></ul><ul><li>MN: Community Health Information Collaborative </li></ul><ul><li>OH: eHealth Ohio/OSC Bioinformatics </li></ul><ul><li>OH: Virtual Medical Network </li></ul><ul><li>NV: Single Portal Medical Record Project </li></ul>
    8. 8. <ul><li>Multiple RHIOs can agree and implement a common framework for the policies, procedures, and standards for federated identity authentication across multiple use cases. </li></ul><ul><li>The Federal e-Authentication infrastructure is relevant and applicable to use cases for RHIOs in diverse operational environments. </li></ul><ul><li>PKI, as a standard for strong authentication, can be deployed uniformly across multiple RHIOs. </li></ul><ul><li>The Federal PKI and its trusted Federal Credential Service Providers can be leveraged for use in multiple use cases across multiple RHIOs. </li></ul><ul><li>For RHIOs, local registration authorities and local enrollment are viable for larger scale deployments to provide for strong authentication using Federal e-Authentication components. </li></ul><ul><li>Hardware tokens (i.e., smart cards, flash drives) are viable for RHIO deployment of level 4 authentication assurance. </li></ul><ul><li>The results were published in the HIMSS Whitepaper: HIMSS/GSA National e-Authentication Project Whitepaper, 6/2007 </li></ul>Phase 1 – Results
    9. 9. Phase 2 – 5 Participants - 2007/2008 <ul><li>CT: e-Health Connecticut </li></ul><ul><li>MN: MEDNET, USA </li></ul><ul><li>MN: Community Health Information Collaborative (CHIC) </li></ul><ul><li>OH: eHealth Ohio </li></ul><ul><li>OH: Virtual Medical Network </li></ul>
    10. 10. <ul><li>Shibboleth network servers for Identity and Service Provders were established. </li></ul><ul><li>Simplified Role-Based Access for Referrals and Emergency scenarios were tested successfully. </li></ul><ul><li>The Shibboleth solution was incorporated into the IHE Interoperability Showcase for The HIMSS Annual Meeting in 2/2008. </li></ul><ul><li>The results were presented at the HIMSS Annual meeting 2/2008. </li></ul>Phase 2 – Results
    11. 11. Phase 2 Federation Test – MN & OH CHIC Hospital, Portal CHIC Clinic, Connecticut e-Health eHealth Ohio, VMN Test server MN Shibboleth IdP Service Providers Internet Physician Users VMN Shibboleth IdP
    12. 12. Examples of Role Identification 397897005     146N00000X, 146M00000X, 146D00000X Emergency Medical Technician         Emergency Services 66862007 R   2085XX Radiologist 80584001 P   2084P0800X Psychiatrist 159034004   4 213EXX Podiatrist (DPM) 61207006 CLP   207ZXX Pathologist     33 175F00000X Naturopath       175L00000X Homeopath 112247003 GP 1 204XX, 207XX, 208XX, 209XX MD/Allopath 76231001 GP 7 204XX, 207XX, 208XX, 209XX DO/Osteopath 3842006   5 111NXX Chiropractor (DC) SNOMED CT ABMS CAQH ASTM - NUCC Taxonomy Physician
    13. 13. Selected ISO 21091 Directory OIDs HcConsumer 1.0.21091.1.1 HcProfessional 1.0.21091.1.2 HcEmployee 1.0.21091.1.3 HcPayer 1.0.21091.1.5 HcStandardRole 1.0.21091.1.8 HcLocalRole 1.0.21091.1.9 HcDevice 1.0.21091.1.11
    14. 14. Example Roles between HIEs: User Role from Identity Providers HIE (1) HIE (2) HIE (3) John Fraser BasicMember Richard Moore Administrator Physician A Dr. Smith Physician B First Responder
    15. 15. Phase 3 – 2008/2009 <ul><li>The Original Focus of Phase 3 was to extend the Role-Based Access Model and scalability. </li></ul><ul><li>A Record Locator Services was successfully added. </li></ul><ul><li>CHIC was selected for the NHIN2 development and NHIN work took precedence for 2008. </li></ul><ul><li>Based on the participation in the NHIN, the e-Authentication project is now a portal to the NHIN. </li></ul><ul><li>Scalability gains were achieved by using virtualization of servers to reduce maintenance and application deployment. </li></ul><ul><li>Streamlining certificate provisioning. </li></ul>
    16. 16. Secure & Federated Vision <ul><li>Who am I - Need to federate, or share identities </li></ul><ul><ul><li>Too many passwords – too little security! </li></ul></ul><ul><li>Do you trust me - standardized PKI security </li></ul><ul><ul><li>Liberty Alliance’s IAF framework </li></ul></ul><ul><ul><li>SAFE Biopharma global infrastructure </li></ul></ul><ul><li>What do you want – standardize services </li></ul><ul><ul><li>NHIN Core Services </li></ul></ul><ul><ul><li>Other standardized Web Services (SOAP) </li></ul></ul>
    17. 17. Nationwide Health Information Network <ul><li>Developed by Department of Health and Human Services </li></ul><ul><li>18 initial participants </li></ul><ul><li>Internet-based, uses existing Internet standards </li></ul><ul><li>Web Services based with SAML security </li></ul><ul><li>No centralized servers / control </li></ul><ul><li>Moving into production in 2009 </li></ul>
    18. 18. NHIN Connectivity Overview Your existing sites Your organizations network Feds: SSA, DoD, VA, CDC, etc Nationwide Health Information Network - NHIN INTERNET Payers Providers State & Local Health Information Exchanges (HIE)
    19. 19. NHIN Foundation - Web Services <ul><li>Provide a standard platform for health care messaging </li></ul><ul><li>All communications are standardized SOAP/Web Services messages described with WSDL </li></ul><ul><li>Leverage proven standards only </li></ul><ul><li>Web Services Interoperability (WS-I) </li></ul><ul><ul><li>Basic Profile 1.2 </li></ul></ul><ul><ul><li>Basci Security Profile 1.1 </li></ul></ul><ul><li>Open Source implementations – no vendor lock </li></ul>
    20. 20. NHIN Foundation – Web Services Standards Used Standard Version Description SOAP (Simple Object Access Protocol) 1.1 Describes XML message standard WSDL (Web Services Description Language) 1.1 Describes the SOAP/Web Services messages MTOM (Message Transmission Optimization Mechanism ) 1.0 SOAP message attachments standard WS-Addressing 1.0 Message routing information HTTP 1.1 Standard web connection for SOAP message exchanges UDDI 3.0.2 Service Registry of NHIN services
    21. 21. NHIN Foundation – Web Services Security Standards Used Standard Version Description TLS (Transport Layer Security) 1.0 Similar to SSL – used to encrypt data per connection Digital Certificates x.509v3 Standard digital certificates XML Signature 1.0 Provides digital signature of messages SAML 2.0 Who am I – asserts identity of sender in small XML message
    22. 22. NHIN Foundation – Message Security <ul><li>Authenticated </li></ul><ul><li>Secure </li></ul><ul><li>Not subject to later repudiation </li></ul><ul><li>NHIN implementing Public Key Infrastructure (PKI), based on X.509 certificates </li></ul><ul><li>Basis of trust at the implementation level is a shared Certificate Authority chartered by NHIN governance body </li></ul>Messages between HIEs must be:
    23. 23. Example secure NHIN message* Required in all NHIN SOAP messages (*) standard SAML-secured SOAP message – not NHIN specific Example payload: HL7v3 CCD Message in XML format
    24. 24. Identity Management Federations and NHIN <ul><li>Goal: to be able to share and understand identities between health care organizations </li></ul><ul><li>Goal: No central registry (big brother) </li></ul><ul><li>Goal: Multiple providers of identities from small clinics to huge research centers </li></ul><ul><li>Goal: Standardized “ROLES” so trust can be role-based as well </li></ul>
    25. 25. Identity Management Solution: Overview of Shibboleth <ul><li>Shibboleth* – an open-source federated identity management system </li></ul><ul><li>Sponsored by Internet2 </li></ul><ul><li>Compatible with standards </li></ul><ul><ul><li>SAML 2.0 / NHIN </li></ul></ul><ul><ul><li>Liberty Alliance Standards </li></ul></ul>(*)
    26. 26. Shibboleth “Club” <ul><li>Shibboleth software has the concept of a “Club” </li></ul><ul><li>A “Club” is a group of organizations that support single sign on between themselves. </li></ul><ul><li>Club is common security and operational policies </li></ul><ul><li>Simplifies trust between members </li></ul><ul><li>Clarifies SAML assertion management </li></ul><ul><li>Directory information can then be exchanged and trusted between companies regarding identities. </li></ul>
    27. 27. CHIC & Ohio – Record Locator Service & NHIN CHIC SISU / St.Luke’s VRMC Users NHIN Backbone connecting HIEs Community Security/ Privacy Officers Log Reviews Personal Health Record (PHR) Role Based Access Control Service Community Patient Privacy Manager Audit Database XDS Registry and Repository Patient Clinical Info Retrieval Lookup MEDNET GRID SERVER Immunization Connection eHealth Ohio, VMN Test server LOGIN MEDNET NHIN Gateway Record Locator Query Engine Federated Identity Management Service
    28. 28. Federation Example – eHealth Ohio and MN <ul><li>Completed HIMSS/GSA project in 2006 </li></ul><ul><ul><li>MN project implement Shibboleth </li></ul></ul><ul><li>Completed “Phase 2” - 2007 </li></ul><ul><ul><li>MN & OH linked 2007 pilot using Shibboleth Club </li></ul></ul><ul><li>Completed “Phase 3” - 2008 </li></ul><ul><ul><li>NHIN work in MN </li></ul></ul><ul><li>2009 – Phase 4 and beyond?? </li></ul><ul><ul><li>Tying NHIN / Phase 3 work / HIE interests together </li></ul></ul>
    29. 29. Phase 4 - Federation Architecture <ul><li>Develop SAML 2.0 federation pilots </li></ul><ul><ul><li>Partner with NHIN projects </li></ul></ul><ul><li>Develop standardized “ROLES” between HIEs </li></ul><ul><ul><li>Easy trust models </li></ul></ul><ul><li>Develop simple installations </li></ul><ul><ul><li>Open source solutions </li></ul></ul><ul><ul><li>Simple solutions </li></ul></ul><ul><ul><ul><li>Virtual Server technologies (VMware, etc) </li></ul></ul></ul><ul><ul><li>Trust and replication between participants </li></ul></ul>Goals:
    30. 30. The Possible Future <ul><li>Public Health – online disease investigations </li></ul><ul><ul><li>No more snail-mail, calls and faxes </li></ul></ul><ul><ul><li>Immediate investigation of bad diseases / outbreaks </li></ul></ul><ul><ul><li>Project starting with CDC this year! </li></ul></ul><ul><li>Ambulances look you up while enroute </li></ul><ul><ul><li>Treatment, allergies, drugs known beforehand </li></ul></ul><ul><ul><li>MN Pilot being developed with Mayo and CHIC HIE! </li></ul></ul><ul><li>Emergency Departments “Preloaded” </li></ul><ul><ul><li>Insurance, emergency contacts, medical history, primary care docs – known before you arrive! </li></ul></ul><ul><li>Insurers on-line </li></ul><ul><ul><li>Immediate eligibility at any point of care </li></ul></ul><ul><ul><li>Insurance and co-pays always known </li></ul></ul><ul><li>Medical Banking – fast payments </li></ul><ul><ul><li>HSA payments, co-pays happen at point of service </li></ul></ul>
    31. 31. Help us build our vision! Contact us if interested in learning more about Phase 4 - Open invitation to learn about technology - Open invitation to join us in Phase 4
    32. 32. Thanks! Presenter information: <ul><li>Rick Moore </li></ul><ul><ul><li>eHealth Ohio </li></ul></ul><ul><ul><li>+1 877.813.9750 </li></ul></ul><ul><ul><li>[email_address] </li></ul></ul><ul><li>John Fraser </li></ul><ul><ul><li> </li></ul></ul><ul><ul><li>+1 612.435.7602 </li></ul></ul><ul><ul><li>[email_address] </li></ul></ul><ul><ul><li>Co-chair of the Health Identity Management Special Interest Group of the Liberty Alliance (HIM-SIG), see: </li></ul></ul>