Stream: smart/health-cards
Topic: Q&A from AIRA Panel Last week
Josh Mandel (Aug 09 2021 at 19:03):
Nothing surprising here, but figured I'd share these from my notes.
Q. How can a verifier be certain that the health information presented belongs to the presenter? How is identity binding achieved and to what level of assurance?
A. Josh Mandel
The answers will vary across different standards, but the most common frameworks use two components: a QR code with signed clinical information and a small set of demographics (typically just name + birthdate), and a "traditional" ID like a driver's license or passport. A verifier needs to cross-check that the demographics in the QR match the traditional ID. This is how SMART Health Cards works, and also how EU Digital Green Certificates work.
Re: level of assurance, this can vary by issuer. In practice, I think quality of identity checks at time of vaccination are highly variable. SMART Health Cards provides a standard flag to indicate "Identity Assurance Level" but in practice most issuers don't achieve higher than LOA1.
Q. If QR codes are used to share PII and PHI how is security and privacy maintained? Is this at the cost of interoperability?
A. Josh Mandel
For SMART Health Cards https://smarthealth.cards/faq.html#privacy talks through the approach. There is indeed PII in a SMART Health Card, and it's important that consumers understand exactly what's encoded in a QR like this. Transparency is key; beyond that, we've designed the data set to address the use case of vaccine and lab result verification, focusing on data minimization (e.g., demographics in a QR are limited to those needed to cross-check with an external ID like a driver's license or passport).
Last updated: Apr 12 2022 at 19:14 UTC
