Fed Advisors Seek Comment on Authentication
The Privacy and Security Tiger Team of the HIT Policy Committee is seeking public comment on authentication "trust" rules for provider organizations.
"For purposes of this discussion, authentication is the verification that a provider entity (such as a hospital or physician practice) seeking access to electronic protected health information is the one claimed, and the level of assurance is the degree of confidence in the results of an authentication attempt," the Tiger Team explains in an entry on the Federal Advisory Committee Blog.
All comments on organizational authentication are welcome, but the team particularly seeks information on six specific questions covering the strength of authentication, ability to receive digital credentials, the process for issuing digital credentials, who has authority to issue the credentials, the need for an established technical standard for credentials, and the types of transactions that must be authenticated.
Comments are due by Oct. 29. To access the questions and offer comments, click here.