The Role of Digital Identity in Modernizing Health Care

In this vlog, 1Kosmos CMO, Michael Cichon, is joined by 1Kosmos CSO, Mike Engle, to discuss how digital identity can modernize healthcare. If you are interested in learning more about this topic, please join us at our webinar where Mike will be diving deeper into this topic.

Michael Cichon:
All right, well, hello everybody. This is Michael Cichon. I’m the chief marketing officer at 1Kosmos. I’ve invited our chief strategy officer, Mike Engle here today to talk about healthcare. Mike, welcome to the vlog. I’ve done some poking around, some research around healthcare, and I’ve learned a little bit about this legislation that was passed in 2016, called The Omnibus 21st Century Cures Act. And to my surprise, this got pretty deep into some interoperability requirements. Can you talk a little bit about that?

Mike Engle:
Yeah, there’s legislation and industry efforts, that are trying to get, something that should be very obvious, but access to your own data, or to have your data be easily shared with somebody else, specifically in the healthcare world.

So this has been a long time coming. People have been trying to revolutionize healthcare records and healthcare access for 20 years, and I think the big tech companies have all tried many times, but a lot of exciting traction, that’s coming about pretty recently in this front.

Michael Cichon:
So this is interesting, because it recognizes a lot of things that we would like to take for granted. We’ve all experienced this, a new pharmacy, a new insurance company, a new healthcare provider. As a patient, you go in and you start from scratch, provide all your basic information, then if you’ve got an old doctor, old doctor asked to send information to new doctor, and over a lifetime, your information gets spread all over the place, so is this focused on solving that problem?

Mike Engle:
It is. It’s taking a pragmatic approach to it in a small steps.

So I’ll give you an example. Today, you go to your doctor for five years and you happen to be in the state next door and you go to the hospital. How does that hospital get access to your health records today? If you were to go to the hospital today, Michael, how do you think that would happen?

Michael Cichon:
I expect a phone call, or a fax, or some kind of an email might be sent, and they would get it, right?

Mike Engle:
Right. We’re stuck in the nineties. It’s really, it’s horrifying on many levels, from a technology perspective, from a verification of what it actually is, how do we know we’re getting the right health records? So there’s these efforts to modernize what they call the key, and we’ll talk about this on our webinar coming up, the key is, how do you get in, how do you prove who you are? I am Mike Engle, let’s work on my healthcare together, in a safe way.

And then there’s the doors, that you’re actually going through, which is all of the entities today, that hold our data, the hospitals, the specialty care providers, and they need to be able to exchange your information in a safe way as well. If for that doctor to send it to the hospital or vice versa, your blood work, needs to be federated around to lots of different people. And so, they’re trying to standardize and modernize, how those two interaction points happen.

Michael Cichon:
So, this is starting to hit some familiar points here, because the very first thing is proving who you are, I guess, electronically or in a remote setting, and then there’s the storage of information, so this seems to map pretty strongly into a lot of the themes we’ve been talking about, when we talk about identity proofing and creating this digital wallet. Is that what’s happening behind the scenes?

Mike Engle:
It is, yeah. I mean, the terminology may vary, but at the end of the day, I need a wallet or a safe place to keep my health records, that I am in control of.

Much like what we do for identity, is I can allow you, Michael, to create your own identity wallet, and have trusted credentials go into it, everything verified, matched to your true world identity, et cetera.

So the same principles should apply in the healthcare world. I prove who I am. I get access to my data, because I don’t generate that data, the hospital takes the MRI scan or somebody draws my blood work, but they should give it to me, and I should be able to share it with anybody that I want, with the press of a button, but be in control of it at all times, and that’s all in scope of what they’re trying to accomplish.

Michael Cichon:
So in practicality, in real world environment, how would this work? Does a hospital deploy this, or can you step us through how patients, you and I, would experience this in real life?

Mike Engle:
Yeah, so there’s a lot of ways to answer that. Today, the way you get your health record created, is you have to typically go to a provider, I’m going to the doctor’s office or the hospital for the first time, show them a driver’s license, give them some other information, and they will either create a new record, or try to find you in their system. Okay, I’ll match the address, Michael Cichon, lives at 123 Main Street. Got you, and I’m in person with you, it’s all verified, and then I can hand you now a login. And so, it’s very in person, high touch, still error prone, because they could still get the wrong Michael Cichon. Imagine if you’ve had five address changes, since you’ve been to that hospital last.

Michael Cichon:
Right.

Mike Engle:
How do they find you inside the system? So these are all the things that they’re working on.

Now. The way it could work in the future, if we’re successful in our mission, is you can prove who you are without a doubt, and there’s some way then, to easily match those health records, not just at that point, but even remotely and digitally. I have logins at Quest, Labcorp, around me, there’s three hospitals that I’ve been to over the years, for various non-emergency things, because I’m healthy, and I’m just kidding, but all my data’s spread out and I might have logins to some of them, I don’t even remember, so that’s the scope of the problem we’re dealing with, and now, you can do all that stuff remotely.

So if I’m going to, say, do a Teladoc session, where I need to get medical care over Zoom, or over something like this, now it’s really important that you’re talking to the right person and that you’re talking to a verified doctor.

So we can do all that stuff digitally now.

Michael Cichon:
That’s great. And we’re not alone in this mission. There’s an organization called CARIN, not the K-A-R-E-N, it’s the C-A-R-I-N, and they’re all around furthering the interoperability standards for the access and sharing of this, correct?

Mike Engle:
Yeah, that’s right. The CARIN Alliance is a nonprofit, and we’re going to talk in depth about this next week, but their mission is to bring payers and providers that serve users, like you and me, together and get some of these standards in place and create some real demonstrations of the art of the possible.

So for example, we’re working with the CARIN Alliance now, to demonstrate how you could prove your identity remotely to, say, one of the federal healthcare services, and then let somebody else rely on that trust.

So imagine you go to social security and you say, “I’m I’m 58, I need my Medicare plan B,” whatever it is, you have to prove who you are. Shouldn’t you be able to reuse that proof to a hospital, or to your doctor, so that they can easily consume your identity? You can share it with them and then they can all go downstream from there, and that’s one of the actual, real-world projects we’re working on, in the CARIN Alliance right now.

Michael Cichon:
So this is pretty cool. So with the proper platform and framework that’s interoperable, me as a patient, I could enroll remotely, all of my information is stored under lock and key that I control, and then as I go to a new provider or a new pharmacy, essentially, I would do something as simple as, for example, scan a QR code and we do a facial recognition and now they get exactly the information I want to give them, at the time I want to give it to them. Right?

Mike Engle:
Exactly. Yeah, so the art of proving who you are remotely is, there’s a federal standard for that, it’s NIST 800-63-3, it says, here’s how you do all this stuff remotely to prove somebody, match the face to the driver’s license and all that, and these medical organizations and government agencies, are now working to be able to implement that as a trusted way to prove your identity.

And once it’s done in one place, that same identity can be leveraged over and over again, so you don’t have to go to hospital one, prove who you are, go to hospital two, prove who you are. Imagine if you go to the hospital and they ask you a question, do you have a social security account? I say, “by Joe, I do.” All right, great. I just need you to authorize the transfer of that identity information over to us, so that boom, we’re in and I can match the patient records very easily. That’s the vision. Or there’s many ways that it could be implemented, but that’s one example of how it could work, and make things a lot easier.

Michael Cichon:
This is really fascinating. We’re going from a world, like we discussed earlier, where information is just spread all over the place, to a world where it’s in one place, it’s controlled by the patient, and it’s there when they need it, they share it selectively when they want to, and they get the services they need, so that’s fascinating.

Now, we are doing a webinar on this. If you’re seeing this before the webinar, it’s December 15th, 1
:00 PM Eastern Time, 10:00 AM Pacific Time. Mike, you have some partners in this webinar, correct?

Mike Engle:
I do, yeah. I’ll be joined by Ryan Howells, from the CARIN Alliance, so he’ll be talking in depth about some of the topics that I hinted on, and we are also being joined by Adam McBride, who’s the IT director at Health and Human Services.

So these are people that have been doing this for a long time, and we’re working very closely with both of these organizations, to try to make some of these things come to light.

Michael Cichon:
Well, this is really amazing, not just giving patients like you and I access to the services we need, but we all know that the healthcare records are one of the most sought after records by cyber criminals. So securing that information, especially as we move forward here and the attacks get even more creative and aggressive, it’s really exciting to hear the work that’s being done around this.

Mike, thank you so much for joining me today. I appreciate your time. I’m looking forward to that webinar.

Mike Engle:
Pleasure. We’ll talk to you soon.

Overcoming Resistance to Change on the Journey to Passwordless MFA

Read More