HIMSS Financial Privacy & Security Task Force Update

Mick TalleyThe Financial Services Task Force has one goal – examine the current deployment of digital identity credentials and solutions for integration within the Financial Services Industry and analyze how those solutions could be leveraged to facilitate the nation’s goals for e-health. A part of that task is to find common ground between the healthcare and financial services industries in order to engage them into a collaborative effort to process the multiplicity of identifiers for patients/consumers that can affect transactions across networks and IT platforms in web-enabled and electronic transactions.

Errors of identity are expensive and time-consuming. The Task Force will consider the myriad of complex challenges and working solutions such as:

  • Interoperability across different vendor solutions for digital credentials
  • Discover and define a standard method of identity data sharing across networks
  • Define a method to mitigate security risk
  • Present models of patient/consumer management of credentials or “life-cycle”
  • Endeavor to track the work to the larger HIMSS and Industry initiatives

The scope of the work will be inclusive of the work completed during 2013 as a platform. Attention to scope means the Task Force will identify standards developed in both the governmental and volunteer standards bodies, illuminate “best practices” and portray models of deployment of authentication using the digital credential ecosystems in the financial services industry and present recommendations of a collaborative path ahead for the two vital and “critical” infrastructures, as well as architectures to facilitate interoperability.

For more thoughts on the work of the Financial Privacy & Security Task Force, see David Snyder’s article Authentication and ID Management.

Mick has participated in numerous projects for several federal agencies including: National Institute of Standards and Technology, Lawrence Livermore National Labs, National Security Agency, General Services Administration, and the Department of Defense. Projects involved: secure sharing of data, identity management, key management, encryption and the standards development for facilitation of interoperability.  Mr. Talley is under “non-disclosure agreement” (NDA) to the Federal Reserve and the National Security Agency and is an approved ARRA Project Manager.