I agree completely with the desire to identity-proof patients to the level of IAL2. However, I'm not understanding the last sentence of this consideration: "all collected PII collected by the Signatory shall be limited to the minimum necessary to resolve a unique identity and the Signatory shall not copy and retain such PII". The Signatory should, and in fact MUST, be able to copy and retain PII to properly perform identity assurance.
One of the elements necessary to perform strong identity proofing is to verify a strong or superior piece of identity evidence (like the patient's driver's license). During the course of verification, the identity evidence may be imaged and the image sent to a third party to "proof" the authenticity of the document. Typically the image of the driver's license is kept on file by the Provider along with an image of the insurance card. Would maintaining a copy or image of the driver's license and insurance card violate the language in this sentence? It appears that it would. The PII data gleaned from those documents (person's name, address, DOB, etc.) is also "retained".
This sentence should be revised to state "All collected PII collected by the Signatory shall be limited to the minimum necessary to resolve a unique identity."
The Implementation Guide for Expressing Context in Direct Messaging, published by the Direct Project, was designed to facilitate inter-organizational patient demographic record matching by standardizing the inclusion of patient demographic metadata in Direct messages, and should be added to this category. This standard was successfully piloted by the Direct Project community at their October 2017 connect-a-thon.
CTO, EMR Direct