How vLEIs and verifiable credentials can turn connection into trust
A modern trust layer must actually function in the real world to enable seamless data exchange at scale throughout the ecosystem.
In this series, Article 1 made the case that healthcare is entering a trust moment. We can connect now. The pipes exist. APIs exist. Networks exist. Data moves.
Then, Article 2 tackled the uncomfortable middle where trust breaks down today — when directories become trust registries, when onboarding is inconsistent, when enumeration is weak, and when the relationship between a person, an organization and a purpose-of-use can’t be proven at scale.
This third article is the constructive finish line. It’s the blueprint that emerged from the same roundtable; it describes how a modern trust layer could actually work in the real world, without pretending we can “staff our way” or “proprietary our way” into trust for billions of transactions.
This article series builds on a critical roundtable conducted in the fringes of healthcare and technology conferences where movements happen. Panelists included Ryan Howells of Leavitt Partners, Scott Stuewe of DirectTrust, Karla Mckenna of GLEIF and Jared Jeffery of healthKERI.
Identifying a different mindset
The goal is not more oversight. It’s a different mindset.
One of the clearest through-lines from the panel discussion was that the next phase of healthcare data exchange cannot depend on centralized policing. The scale is already too large. The ecosystem is too distributed. The number of actors is too large. The number of legitimate use cases is expanding.
When the system tries to govern trust primarily through policy documents and centralized oversight, it creates a false sense of safety and results in a predictable outcome — either friction grows until innovation slows, or trust erodes until litigation and defensive postures take over.
The panel’s argument was simpler than that: trust must become a property of the transaction itself. Not asserted; not assumed. Proven.
Step 1: Connect directly when possible
Scott Stuewe offered a deceptively powerful idea — in many national network models today, connections happen through multiple hops.
You may know the identity of the gateway in front of you, but you have limited visibility into what happens across the chain. That creates a trust visibility problem.
In contrast, direct connections, when feasible, allow one essential thing — if I’m transacting with you, I can validate you. I don’t have to rely entirely on a chain of intermediaries to “vouch” for the relationship.
Directness won’t be possible in every scenario. Networks exist for a reason. Nevertheless, the principle matters — the trust layer should enable parties to validate each other in a way that is not dependent on blind faith in the route.
Step 2: Establish verifiable organizational identity
If you’re a health data leader, you already know the organizational identity problem is real. Providers are often poorly enumerated. Payers are not enumerated cleanly at all.
And in an automated exchange environment, “we’ll just use the name” is not a serious answer.
Karla McKenna’s contribution to this discussion was foundational. GLEIF’s work with the LEI/vLEI started with a crisis in financial services, where regulators and markets couldn’t reliably understand who was transacting and where risk lived. The response was a global organizational identifier that is persistent, verifiable and disambiguating.
In the panel’s framing, the healthcare translation is straightforward. A modern ecosystem needs an unambiguous way to distinguish one “St. Mary’s” from another “St. Mary’s,” and to do so in a way that can be used by machines, not only humans.
The key evolution here is not just the identifier, but the verifiable form of it — what the panel discussed as a cryptographic packaging of organizational identity that is portable and usable across networks. This is how organizational identity stops being a spreadsheet problem and becomes a trust primitive.
Step 3: Bind people with role-based credentials
Organizations don’t act on their own. People act on their behalf.
The missing piece in many trust models today is the relationship layer. It’s not just “who is this person?” and not just “what is this organization?” but “is this person authorized to act for this organization, in this role, for this purpose?”
McKenna described a chained credential model that mirrors reality. An organization can hold a high-assurance identity credential and then issue linked credentials that prove officers, employees, delegated agents or other representatives are acting on the organization’s behalf.
This is the missing bridge between identity and authority.
In healthcare, it matters because clinicians work across multiple contexts, leaders hold multiple affiliations, delegated authority is everywhere, and the ability to represent an organization is not static.
Role-based credentials make the relationship portable and verifiable. They reduce the need for fragile directory logic, and they move authorization closer to the cryptography of the transaction.
Step 4: Make purpose-of-use provable
If Article 2 focused on “where trust breaks,” the sharpest example was purpose-of-use.
Purpose-of-use is where trust moves from abstract to consequential. It’s the difference between treatment and marketing. It’s the difference between payment operations and misuse. It’s the difference between a legitimate query and a lawsuit.
The panel’s core argument was not that purpose-of-use rules are unclear. The argument was that purpose-of-use is difficult to enforce when it depends on fragile onboarding, inconsistent vetting, and indirect trust.
The blueprint is to make purpose-of-use part of the credential story. It’s not just something you say. It’s something you can prove.
This is where role credentials become even more important. A credential can provide evidence of not only who you are and who you represent, but what you are authorized to do in this transaction context.
And in a world where exchange volume is in the billions, it distributes trust validation across the ecosystem rather than hoping a small group can manually “oversee” everything that happens.
What health data leaders should know
If you’re a health data leader reading this series, the message is that the next era of interoperability will be defined by whether we build a trust layer that can scale.
The blueprint that emerged from this roundtable is clear. A modern trust layer requires verifiable organizational identity. It requires the relationship layer between individuals and the organizations they represent.
It requires role-based credentials. It requires purpose-of-use that can be proven. This is how healthcare moves from fragile connection to durable trust. And if you’re wondering whether the industry will actually move this direction, look at the trajectory — more APIs, more enforcement pressure, more exchange volume, more consumer access, more AI, more risk.
The current model cannot hold. So, the future will not be decided by whether we can connect. It will be decided by whether we can trust the connection and whether we can do it at scale.
Mitchell Josephson is CEO of Health Data Management.