Health – Relationship – Turst: Come hare about the new HEART WG at Open ID Foundation

From IIW

Session Topic: HEART Workgroup

Wednesday 1C

Convener: Eve Maler, Deb Bucci

Notes-taker: Eve Maler

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

We discussed the formation of the new HEART WG. We didn't project slides, but worked from the following slide deck:

We also discussed the FHIR API as a key exemplar of what we're protecting:

Everyone is welcome to join the new group; this page is a placeholder:

To take part, you will need to fill out this IP form:


We are lining up membership in the next few weeks and will be meeting formally in teleconferences in the new year, if not sooner. We plan to hold a F2F meeting at the HIMSS conference in April 2015 in Chicago:

The Venn diagram below is an extension of a set of slide deck notes that can be found here:

Adrian Gropper and Jin Wen made some really good observations on the Venn, respectively:

OAuth represents an institution focus; OpenID Connect represents a federation focus; and UMA represents an individual focus. OAuth represents a service availability focus; OpenID Connect represents a security/authentication/integrity/confidentiality focus; and UMA represents a privacy focus.

The profile specs we will be producing are layered. We don't actually know yet if the OpenID Connect and UMA profiles will be separately layerable on top of the OAuth profiles, or if the UMA specs will depend on the OpenID specs, or what.

Some information is outside individual control, but nonetheless needs to be monitored for sharing; this is what "accounting of disclosures" is for.

We want to reduce inhibitors to data flow for three reasons: 1) clinical; 2) public health; and 3) research. IIW19 W1C Heart.jpg