Utilizing the power of data can empower patients and arm developers in the creation of new tools and platforms. Whether it’s authenticating data, downloading it via BlueButton, or connecting data with other applications using BlueButton on FHIR, increased data accessibility is a win for everyone. Presenters will give an overview of the opportunities and challenges that exist today and share the newest technologies and initiatives that are overcoming them.
HXR 2016: Free the Data Access & Integration - Jonathan Hare, WebShield
1. Privacy Networks and the Unified Trust Model
frictionless patient-centric sharing, analysis and personalization
Jonathan Hare
CEO, WebShield, Inc.
2. WebShield Inc.
US Healthcare is *wildly* complex
• 320 million people
• 7.8 million clinicians & staff
• inconsistent identifiers & schemas
• highly privacy sensitive & regulated data
• 1,000s of vendors, 10,000s of enterprises, 100,000s of IT systems
• each patient has a unique, fragmented and changing network of data sources and caregivers
with no consistent way to…
• find and retrieve patient records
• authenticate and authorize access by patient and their caregivers
• trust policy enforcement and regulatory compliance by other organizations
• share or analyze data without risking privacy, security or commercial rights
[Figure: “Enterprise-Centric Computing” contrasted with “Patient-Centered, Evidence-Based Healthcare”]
3. No amount of brute force can make enterprise-centric computing support patient-centric care on a national scale (let alone global)
4. the underlying challenge
• “Little Data” Privacy (records of individuals)
• “Big Data” Privacy (population-scale analytics)
• Commercial Rights (unwilling to share)
• Semantic Interoperability (can’t link or understand)
• Regulatory Compliance (not allowed to share)
5. “Classical” enterprise-centric techniques for data sharing and analytics are wildly inadequate for patient-centered, evidence-based healthcare
6. “Classical” techniques: HIPAA de-identification, data use agreements, federated analytics
HIPAA de-identification
• what it is: remove or obfuscate 18 types of personally identifying attributes (original data → de-identified data).
• benefits: simplifies data governance; reduces privacy risks; unambiguous HIPAA compliance; sounds good (to politicians).
• drawbacks: “data lobotomy” meets flawed privacy; almost always easy to re-identify; can’t de-identify genomic data; severely compromises analytics; no personalized decision support.
Data use agreements
• what it is: contracts specify commercial terms, regulatory requirements, authorized uses & recipients (HIPAA, G-L-B, IRS 6103, EU Data Protection Directive, FISMA); data sources feed a centralized hub that serves data recipients.
• benefits: works with enterprise-centric IT; creates “network effects”.
• drawbacks: bigger data siloes meets legal straightjacket; exacerbates cyber-security risks; compliance expensive, inflexible; one-size-fits-all, blocks 90% of uses; forces everyone to trust the hub.
Federated analytics
• what it is: analyze at distributed data sources, aggregate & interpret statistical results (a coordinating center collects aggregated statistics).
• drawbacks: analytic blind-fold meets operational straightjacket; no longitudinal records; severely compromises analytics; no user interaction (missing values); no personalized decision support.
7. The underlying problem with “classical” techniques is that there is an inherent conflict between privacy and sharing…
…or is there?
8. New Paradigm: “Quantum Privacy”
obfuscate data so that it is both
- fully opaque (meaningless gibberish) and
- fully computable (no loss of information)
at the same time…
simultaneously enforce policies of all stakeholders at the finest possible level of granularity (‘quantum level’) before any meaningful data is revealed to anyone (including “insiders”)
10. Privacy Algorithms
[Figure: an Input Graph of clear-text values (e.g. 148.53) enters a Privacy Proxy; Nodes 1…N each encrypt, tokenize, randomize or crypto-hash the values (“apply policies”, “obfuscate”) across a management plane, control plane and data plane; the output is a Privacy Graph of tokenized, randomized and crypto-hashed values (e.g. 429jQk1Mz9…, 93742157.4126…, We2B381H5…), coordinated by a Trust Authority within the Privacy Network. Input labels: “any data, algorithms, or policy definitions”; “provenance, schema & trust criteria”.]
Graphs broken up into individual values, obfuscated by distributed “privacy pipes”, then re-assembled into a “privacy graph” made up of opaque tokens.
• privacy graphs are opaque and meaningless to any observer, yet fully computable.
• algorithms and policies can be executed on data without revealing anything to anyone.
11. Privacy Algorithms
[Figure: the same pipeline run in reverse: a Privacy Graph of tokenized, randomized and crypto-hashed values passes back through the Privacy Proxy nodes, which “enforce policies” and “de-obfuscate” (management, control and data planes; Trust Authority; Privacy Network), and the clear-text value (148.53) is recovered.]
Privacy graph information can be resolved into clear text only after all of the trust criteria linked to all resources that contributed to creating it are enforced.
12. Privacy Network Advantage
• vastly better security and privacy (thousands to millions of times harder to breach)
• unlimited aggregation and analysis with no loss of accuracy
• precision access control (single attribute, single recipient, specified purpose, 1-time)
• trust criteria inherited automatically by all aggregates and analytic outputs
• no need to agree on trust criteria
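As an added illustration of slides 10 to 12 (example code written for this page, not WebShield's implementation, which the talk does not show), the following Python sketches a privacy graph: a hypothetical PrivacyProxy breaks each record into individual values, replaces each value with a keyed crypto-hash token, keeps the clear text in its own vault, links records across sources on tokens alone, and releases clear text only once every trust criterion inherited from every contributing source has been satisfied. The source names, trust criteria, record values, the shared HMAC key and the deterministic-token design are all constructed assumptions.

```python
import hmac
import hashlib
from dataclasses import dataclass

# Constructed sample input (not from the talk): two data sources holding
# records about the same patient. Each source attaches the trust criteria
# that must all be satisfied before anything derived from its data is resolved.
SOURCES = {
    "lab": {
        "trust_criteria": frozenset({"hipaa_authorization", "purpose:treatment"}),
        "records": [{"patient_id": "MRN-00123", "ldl_mg_dl": 148.53}],
    },
    "pharmacy": {
        "trust_criteria": frozenset({"hipaa_authorization", "pharmacy_dua_signed"}),
        "records": [{"patient_id": "MRN-00123", "drug": "atorvastatin"}],
    },
}


@dataclass(frozen=True)
class PrivacyNode:
    """One value of the privacy graph: an opaque token plus the provenance
    and trust criteria it carries. The clear text is never stored here."""
    token: str
    attribute: str
    source: str
    trust_criteria: frozenset


class PrivacyProxy:
    """Hypothetical 'privacy pipe': only keyed-hash tokens leave the proxy;
    clear text stays in the proxy's vault until resolve() is authorized."""

    def __init__(self, key: bytes):
        self._key = key      # assumption: one key shared by the pipes
        self._vault = {}     # token -> clear-text value

    def tokenize(self, value) -> str:
        # HMAC-SHA256: equal values from different sources give equal tokens,
        # so joins stay computable, while an observer without the key cannot
        # reverse or guess them.
        mac = hmac.new(self._key, repr(value).encode(), hashlib.sha256)
        return mac.hexdigest()[:16]

    def obfuscate(self, source: str, record: dict) -> list:
        """Break a record into individual values, one opaque node per value."""
        criteria = SOURCES[source]["trust_criteria"]
        nodes = []
        for attribute, value in record.items():
            token = self.tokenize(value)
            self._vault[token] = value
            nodes.append(PrivacyNode(token, attribute, source, criteria))
        return nodes

    def derive(self, inputs: list, attribute: str, value) -> PrivacyNode:
        """An analytic output inherits the union of its inputs' trust criteria."""
        inherited = frozenset().union(*(n.trust_criteria for n in inputs))
        token = self.tokenize(value)
        self._vault[token] = value
        return PrivacyNode(token, attribute, "derived", inherited)

    def resolve(self, node: PrivacyNode, satisfied: set):
        """De-obfuscate only when every inherited trust criterion is enforced."""
        missing = node.trust_criteria - satisfied
        if missing:
            raise PermissionError("unsatisfied trust criteria: %s" % sorted(missing))
        return self._vault[node.token]


def build_privacy_graph(proxy: PrivacyProxy) -> list:
    graph = []
    for source, spec in SOURCES.items():
        for record in spec["records"]:
            graph.extend(proxy.obfuscate(source, record))
    return graph


def link_patients(graph: list) -> dict:
    """Join records across sources on the patient_id token alone; no clear
    text is needed, which is what makes the privacy graph 'computable'."""
    matches = {}
    for node in graph:
        if node.attribute == "patient_id":
            matches.setdefault(node.token, []).append(node)
    return matches


def count_sources_per_patient(proxy: PrivacyProxy, graph: list) -> list:
    """Derived metric: how many sources hold records for each linked patient."""
    return [
        proxy.derive(nodes, "source_count", len({n.source for n in nodes}))
        for nodes in link_patients(graph).values()
    ]


if __name__ == "__main__":
    proxy = PrivacyProxy(b"constructed-demo-key")
    graph = build_privacy_graph(proxy)
    metric = count_sources_per_patient(proxy, graph)[0]
    print("inherited criteria:", sorted(metric.trust_criteria))
    try:
        proxy.resolve(metric, {"hipaa_authorization", "purpose:treatment"})
    except PermissionError as err:
        print("denied:", err)
```

The point to take from the run is that the derived metric cannot be resolved with the lab's criteria alone, because the pharmacy's data use agreement condition was inherited by the join. The caveat a practitioner would add: deterministic tokens over low-entropy attributes such as phone numbers are only as opaque as the key protecting them, which is why the key and the vault stay inside the proxy and never enter the network.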
13. Unified Trust Model
allows diverse policies specified by different stakeholders (e.g. user, record subject, publisher, regulator, etc.) to be enforced by neutral trust authorities.
[Figure: four models arranged around the Unified Trust Model, as laid out on the slide:
• Trust Criteria: Identity & Security Assurance; Authorized Recipients & Purposes; IT Interoperability; Payment & Licensing Terms; Regulatory Compliance
• Trust Validation Model: Rating & Reputation Metrics; Governance Processes; Trust Authorities; Audit & Certification Processes; Assessment Methodologies
• Trust Policy Model: Assessment & Validation; Legal Agreements; Computable Trust; Trust Requirements
• Trust Resource Model: Provenance; Resource Description; resources include data, metrics, software, computing infrastructure, devices, physical assets, organizations, policies, contracts, algorithms, accounts, brands, relationships, people]
14. Applications of the Privacy Network
• Nationwide Identity Network
• Patient-Centered Record/Attribute Discovery and Linking
• HIPAA-Compliant Access Authorization and Sharing
15. Privacy Network
[Screenshot: a video site’s purchase options (“Buy Season Pass $19.99”, “Watch Ad-Free for $1.99”, “Watch Free with Ads”) with a Privacy Network dialog reading “The Privacy Network uses information about you to authorize access to content, protect you from identity theft, and to enforce privacy policies on the use of your information and files.” Buttons: Accept Privacy Protection, Show Policies, Cancel, explain.]
First-time users must opt-in to privacy policies in order to access protected content (e.g. a football game).
Authorizes use of obfuscated data to:
• Authenticate user and verify attributes and relationships.
• Anonymously detect user devices.
• Analyze activity to detect identity theft & cyber-security fraud.
• Locate and authorize access to user’s records, accounts and digital media.
• Enforce user-controlled security, privacy and personalization policies.
• Identity theft protection with multi-factor authentication and identity proofing.
• User’s identity, personal data and activity hidden – no insider access by anyone.
• Personal information only revealed if authorized by user.
16. Privacy Network
[Figure: identity proofing flow. A global virtual database of obfuscated data is drawn from Commercial sources (Credit Bureaus, Phone Registries, Professional Licensing, Marketing Profiles, Data Aggregators, Fraud Analytics), Enterprise sources (Healthcare Records, Security Directories, Employer HR, Retailer Affinity Programs, Supply-Chain, Insurance Databases, Banking Records, CRM, ERP), Government sources (Education Records, Public Records, DMV Records, State & Local Records, IRS Records, Social Security, Citizenship & Immigration) and Healthcare Data Sources, with Trust Authorities and Authentication Services (phone, voice print, password, device fingerprint, email, fingerprint, facial biometric). The sample user’s phone number, email and Facebook ID appear in the network only as obfuscated tokens (e.g. Y4t7rG25Ua91). Dialog: “The Privacy Network does not recognize this device. To authorize access, please enter one of the following: your phone – or – your email”, with buttons “Text my Cell”, “Send me Email”, “other options” and “verify device”.]
(1) first-time users enter any attribute (phone, email, etc.) that specifies their identity.
(2) attributes obfuscated and submitted to Trust Authorities.
(3) global virtual database of obfuscated data used to verify user’s identity, authorize access and derive authentication options.
(4) obfuscated authentication parameters passed to neutral authentication services.
(5) user authenticated, which in turn:
• verifies identity, authorizes access
• validates privacy protection opt-in
• registers device to enable subsequent no-login access
(6) obfuscated log entries returned
no personal information revealed to anyone
17. Trusted Identity Network
• Global single-sign-on, anonymous identity proofing and attribute verification.
• Simple ‘no-click’ access, strong authentication without passwords.
• Anonymously matches users with their digital content, accounts and records.
• Eliminates identity theft and related cyber-security fraud.
18. Privacy Network
[Figure: the Privacy Network sits between any digital content, any social media or messaging clients, and recipients holding any credential or relationship (Child, Teacher, Clinician, Colleague, Friend, Spouse). A “My Policies” screen for user JonathanHare lists policy categories (people, devices, security, payments, advertising, messaging, privacy, general) under tabs general / health / education / banking / children / online, with “edit my policies” and cancel.]
Users and organizations can link policies directly to their content, and freely share it through standard messaging clients, social media apps and collaboration tools.
Content is encrypted end-to-end until recipient is authenticated and authorized, and not revealed to apps or websites used for sharing.
Enforces policies on verified identities and relationships of individual people, devices and services…
19. Harnessing HIPAA to enable (rather than block) access by patients and providers…
• Nationwide
• High Assurance
• On Demand
• Vendor Neutral
• Certified Compliance
[Figure: Records Discovery & Access Authorization; Identity & HIPAA Trust Authorities; Privacy Network; Informed Consent & Consumer Opt-In]
• Enables nationwide patient record discovery and access.
• Enforces HIPAA Patient Mandate for patient requests, HIPAA Authorization for provider requests.
20. All-payer, all-patient, all-provider, all-purpose network
[Figure: a Patient at the center of a care network (Payer, Infusion Center, Oncology Medical Home, Clinical Oncologist, Skilled Nursing Facility, Radiation Treatment Center, Home Caregiver, Primary Care Provider) and of data sources (Claims Records, EHR Records, Lab Records, Pharmacy Records, Genomic Data, Practice Management, Device Data, Demographic Data), all joined through the Privacy Network.]
Privacy Network uses: population & practice metrics; personalized clinical decision support; patient-centered coordination of care; records access & secure messaging.
21. Nationwide Secure Sharing, Compliance Verification and Attribute Discovery
[Figure: Providers, Payers and other Data Sources (Apps, Databases, Services) expose Patient Data and Identity & Compliance data through Data Proxies into the Privacy Network, which delivers Patient Records, Attributes and Metrics; a Data Security layer provides Encryption, Key Management and a Security Directory.]
• Cloud-based verification of IT security and HIPAA compliance by neutral trust authorities.
• Secure sharing with any organizations or individuals without requiring IT support.
• Identity disambiguation across demographic identifiers, patient IDs, insurance IDs, etc.
• Nationwide attribute discovery and patient-centered longitudinal record syndication.
22. Nationwide Single-Sign-On User Authentication, Authorization & Compliance
[Figure: Providers, Payers and other Data Sources (Apps, Databases, Services) expose Patient Data and Identity & Compliance data through Data Proxies; a User Proxy and an Identity Syndicate connect existing Single Sign-On infrastructure (OpenID Connect, OAuth2, SAML2, LDAP, etc.) to the Privacy Network and its Trust Authorities.]
• Links diverse single-sign-on and identity infrastructure into nationwide identity syndicate.
• National scale attribute-based access control and dynamic user / attribute proofing.
• Identity assurance and HIPAA compliance verified by neutral trust authorities.