The Health Identity Management SIG (HIM SIG) offers members an opportunity to join with other Liberty Alliance Members (regardless of membership level) to recommend standards to enable an internationally interoperable health care identity management and information exchange system. This may includes standard directory (LDAP) models, health care roles, implementation guides and similar recommendations. More information and involvement opportunities are described on the HIM SIG page.
The goal of this activity is to engage the broadest member participation across Liberty Alliance to facilitate adoption of Liberty protocols and specifications by the healthcare industry worldwide.
Specific goals of this group are to:
- Review existing standards, and recommend new standards for an interoperable health care identity management system using Security Assertion Markup Language (SAML) and Liberty Specifications
- Review and recommend a set of health care roles that can be used for role based access control requirements.
- Review and recommend directory architecture to enhance interoperability.
- Work to encourage the development of a reference implementation, using open source solutions.
- Review and recommend simple APIs that are sufficiently simple to allow multiple vendors to participate in this system
- Reach out to other appropriate groups to invite participation
- Educate the health care community on the principles of standard identity management, its goals and benefits of such a system. Work to ensure the education uses common terms, cross-referenced between “vendor-specific” concepts and Liberty standards.
- Educate the community on how the system should operate and how such a system should function.
- Contribute best practices to the appropriate Liberty Alliance Expert Groups for standardization consideration. This SIG recognizes a special need to coordinate with the Identity Assurance Special Interest Group (IASIG), the Identity Assurance Expert Group to ensure harmonization with their efforts to extend the original Trust Framework work of the EAP (Electronic Authentication Partnership), the Credential Assessment Framework of the US E-Authentication Initiative, and other industry contributions, into a harmonized, best-of-breed industry standard.
- Review and recommend adjustments to approved specifications as the system develops to ensure reliability, security and privacy.
- Work with the vendor community to ensure interoperability between systems.