Public Health Centers

From IDESG Wiki

Full Title

Public Health Centers as a Vulnerable Populations use case of the Identity Ecosystem Framework.


  1. The patient is reliably matched to their Electronic Health Records (EHR) at a portable kiosk.
  2. The patient is given access to their health information in a secure manner.
  3. Patients have the means to access remote connections to a practitioner who can reliably access their PHI on an EHR (i.e., patient to provider).
  4. Patient outcomes are improved by easy exchange and by monitoring patient compliance with the care plan (i.e., patient to computer).


The existing context is the Trusted Exchange Framework and Common Agreement (TEFCA), the Sequoia Recognized Coordinating Entity and health information exchanges. Those efforts have encouraged an ongoing dialogue regarding the data sharing agreement, interoperability, and electronic health records using FHIR formats. This is a plan for engaging vulnerable populations with access to their records and strong patient matching.

The first challenge is Patient Matching, which is a life-or-death issue as well as a medication fraud issue. The second challenge is the ONC’s Cures Act Final Rule, which makes clear that all Patient Health information needs to be available to patients. Since a large fraction (91%) of the US population at large as well as the vulnerable population have cell phones, this use case will focus on vulnerable patients that have access to a cell phone. The large majority of those are smart phones. When patient outcomes are considered, it may even be cost effective to provide the vulnerable patient with a smart phone. The Cures Act explicitly notes that applications provided with smartphones need to be from certified developers, and the TEFCA adds the requirement for NIST IAL2 and AAL2 (SP 800-63-3) identity integrated with HIEs and record locator services to ensure interoperability and patient safety.

During the COVID-19 pandemic, where vulnerable populations were granted emergency access to remote healthcare, it became clear that patient identifiers were inadequate to enable a high level of patient matching. What can be achieved within a few months is a program to build out a trusted entity infrastructure for certified onboarding coupled with a trust registry that is linked to a record locator service for the specific purpose of serving a vulnerable population, in most cases with a user-friendly app with core functionality content that is interoperable. There is an extension to the program that can incentivize user/patients to want to participate to increase compliance and quality of life and thus generate better long-term results at lower cost.


  1. A care practice that includes outreach to vulnerable populations with a goal of improving patient outcomes.
  2. A patient intake process that is able to leverage all of the patient identification methods.
  3. A focus on mobile phone access as the medium of choice.


  1. Patient appearing at the Health Center
  2. Intake professionals to identify the patient and give them access to the Health Center
  3. Electronic Health Record Service
  4. A trusted entity, a CSP, issues or registers subscriber authenticators and issues and verifies electronic credentials of subscribers including pseudonymous identity, different levels of assurance and identity, including federations.


Primary Scenario:

  1. Before the patient can be admitted to the health center, an EHR is created or selected (for returning patients). The patient is coherent and able to assist in the identification process.
  2. Patients will need a state driver’s license or a state issued ID card plus a Medicaid ID card #.
  3. Two-factor authentication can be an SMS #, a biometric or a one-time password (OTP).

Alternative Scenario:

  1. The patient needs to be treated immediately before identification occurs.
  2. The patient is assigned a case number and admitted to the Health Center.


Post Conditions

  1. The patient has an EHR with PHI including the results of the current visit.


This work is an outgrowth of the Identity Ecosystem Framework – Registry (IDEF-R), a work effort under IDESG that was designed and partially built with funding from the US Department of Commerce NSTIC Program office and administered by NIST. That effort continues in the Kantara FIRE Work Groups (Federated Identity Resilient Ecosystem) and the Health Identity Assurance. The software is available for demonstration.