Human (Social) vs. Technical, you need both. Good not to conflate. Good conversation and references. Best, Sal IDmachines 4 Lamson Place Cambridge, MA 02139-2612 +1 617.201.4809 https://IDmachines.com ________________________________ From: Noreen Whysel Sent: Tuesday, August 6, 2024 7:54:52 AM To: peace@acm.org Cc: jim kragh ; Salvatore D'Agostino ; Simone Alcorn ; Bev Corwin ; Isha Chhatwal ; Thomas Sullivan ; Jeff Brennan ; Justin Byrd ; Jorge Flores ; wg-riup ; Kay Chopard Cohen ; Amanda Gay Subject: Re: RIUP WG 'brief' meeting tomorrow to vote on revisions to the Digital Identifier Inclusion doc. I like your explanation, Bev. Most people are probably not thinking about data transfer and digital identifiers. They just want care. Noreen On Aug 6, 2024, at 7:41 AM, Noreen Whysel wrote: Sorry, Tom. I posted that before I saw your note about not knowing what a Trust Relationship is. Here is an example of a definition from ONC: https://www.healthit.gov/isp/understanding-emerging-api-based-standards Understanding Emerging API-Based Standardshttps://www.healthit.gov/isp/understanding-emerging-api-based-standards healthit.govhttps://www.healthit.gov/isp/understanding-emerging-api-based-standards https://www.healthit.gov/isp/understanding-emerging-api-based-standards * Trust Relationship – For interoperability using FHIR to work, a trust relationship must be established between entities (ie an EHR/clinical system and an app). This is currently being accomplished by establishing siloed ecosystems. Without an established trust relationship, access to information is not possible regardless of the standards used. The Trust Relationship that Jim is talking about is one that is established in interpersonal relationships between an individual and a care team or service provider that does not include a digital certificate. For example, “We have met before.” Do we need to define these two aspects of trust relationship separately? Or do we need a new term for the human to human trust relationship? A reason to define them separately would be to acknowledge that in healthcare and other care situations involving an underserved individual where a digital identity is not available there may be a relationship established in human trust between two individuals that is not certified digitally. Example user scenarios: * A med kit is provided on a work site that employs undocumented workers. * A defib kit used (properly) on an unconscious person at a restaurant. In both cases trust is established between worker or dining customer and the establishment that safe conditions are maintained and that in the event of an emergency qualified care is provided. While establishment trusts that the affected person will be able to use/respond to the equipment or prevent an emergency in the first place. Noreen On Aug 6, 2024, at 7:04 AM, Noreen Whysel wrote: That is helpful, Tom. So to be clear, for the purposes of identification, a Trust Relationship is established in a data transaction once a trust anchor is verified? Ie certificate exists and data is transferred, therefore entity A is now in a Trust Relationship with Entity B. Is this true only in a software transaction or could one diagram it in a human trust relationship that Jim is talking about? It could be that you are talking about something on two very different levels. Noreen On Aug 6, 2024, at 1:42 AM, Tom Jones wrote:  The problem with that is that the relationship is defined AFTER the transaction completes, whereas the value in the request is prior to to the formation of the trust relationship. The trust Anchor for health interchange is defined by onc/tefca which cannot be altered or approved by the patient. BTW, that piece was NOT added while I was editing the doc so I cannot justify it. thx ..Tom (mobile) On Mon, Aug 5, 2024, 7:20 PM Noreen Whysel mailto:nwhysel@gmail.com> wrote: Yes. Do we need to define “trust relationship” in our lists of terms? Can we say that the trust relationship is the human component of assurance in which an individual shares data with a provider they deem trustworthy, and that the trust anchor is the technology component, embodied in a root certificate, for example, that provides identity assurance of the individual? Noreen On Aug 5, 2024, at 9:59 PM, kragh65@gmail.commailto:kragh65@gmail.com wrote:  Tom, in the healthcare sector, especially in underserved communities a relationship with a nurse, social worker or a non-profit entity or faith based entity serving that community is where relational trust is nurtured and built. In my 20+ years in the healthcare sector, I have never heard the term “trust anchor’ used as it relates to a ‘trusted’ relationship, especially a health care relationship. But understanding you are the DII Editor and there is a taxonomy in the DII that defines what a TA is in that domain, so be it. I am grateful for your leadership and support is making this document a reality, a foundation for a potential project. On be half of our WG collogues and Kantara, thank you. I will support your recommendation. Jim From: Tom Jones mailto:thomasclinganjones@gmail.com> Sent: Monday, August 05, 2024 8:41 PM To: jim kragh mailto:kragh65@gmail.com> Cc: Noreen Whysel. Brett mailto:nwhysel@gmail.com>; Salvatore D'Agostino mailto:sal@idmachines.com>; Simone Alcorn mailto:salcorn@easydynamics.com>; Bev Corwin mailto:bevcorwin@gmail.com>; Isha Chhatwal mailto:ichhatwa@gmail.com>; Thomas Sullivan mailto:tsullivan@drfirst.com>; Jeff Brennan mailto:jeff_brennan@sbcglobal.net>; Justin Byrd mailto:justin@machi-systems.com>; Jorge Flores mailto:jorge@entidad.io>; wg-riup mailto:wg-riup@kantarainitiative.org>; Kay Chopard Cohen mailto:kay@kantarainitiative.org>; Amanda Gay mailto:amanda@kantarainitiative.org> Subject: Re: RIUP WG 'brief' meeting tomorrow to vote on revisions to the Digital Identifier Inclusion doc. as i indicated the last time this came up, I don't know what a trust relationship is or why that would exist. The Trust Anchor is at least defined in the taxonomy. Be the change you want to see in the world ..tom On Mon, Aug 5, 2024 at 5:26 PM jim kragh mailto:kragh65@gmail.com> wrote: I was informed last week that we have a new 'Join Zoom Meeting #:and access code: ATTENTION WE HAVE A N NEW Join Zoom Meeting link: https://us06web.zoom.us/j/87605872193?pwd=HQI7AJKhLvpgtUxKyOYANVUKzsZW3U.1 Meeting ID: 876 0587 2193 Passcode: 157149 A list of call numbers was not provided and if a list of # 's are available I will ask Amanda to share such with us tomorrow morning.. Good evening! The revised DII document link is below and Tom, Sal, Noreen and I again reviewed and addressed items that needed attention that were accepted. The attached DII has a few fine tuning thoughts by Noreen and me for your review, comments and or corrections. Please read the document and be prepared to vote or provide a proxy so we can forward the DII to the LC Chair; thank you. The Kantara Leadership Council will be meeting next week, and if tomorrow our WG accepts changes made, we should be able to place the DII in their hands for a final review and acceptance. Once that is accomplished, maybe we can find a funding source and a demonstration partner. Tom shared with us a Homeland Security notice of six 'wallet' projects DHS was funding; surely there are others out there - let's discuss.. Have a nice evening, Jim Kantara RIUP WG Digital Identifier Inclusion Draft 9 5 15 24_ENDORSED.docxhttps://docs.google.com/document/d/1jaY6yNopxCFC_3sBgeddnmM1psVkLmnS/edit?usp=sharing_eil_m&rtpof=true&sd=true&ts=6693d6ef