The Health Insurance Portability and Accountability Act of 1996 (HIPAA), the fundamental privacy principles of both the Data Protection Act and the Human Rights Act 1998, and the American Recovery and Reinvestment Act (ARRA) of February 2009, followed by April rulings by the Federal Trade Commission (FTC), established a standard of privacy regarding an individual's right to privacy in health care data. In January 2013, a new revision of HIPAA 1996, labeled the HIPAA omnibus rule, was issued with increased emphasis on privacy and on the disclosure of identifiable information, and with tougher security provisions that fall under the 2009 HITECH Act and the Genetic Information Nondiscrimination Act. Under the provisions of HIPAA, ARRA, and the FTC rulings, health information, with few exceptions, can only be shared with the express permission, advance consent, and authorization of the patient (or the patient's legal guardian, as appropriate); when such information is compromised, electronic notifications must be sent and followed up with electronic audits and risk analysis.
By way of example, if a patient is unconscious but has provided advance authorization and consent for a licensed health care provider to securely access and view health-related and protected health information, that information can be shared with family, next-of-kin, friends, or others involved in the patient's care and emergency care when doing so is in the best interest of the patient.
In Florida, vehicle owners can securely store emergency contact information electronically, including the name and telephone number of at least one person, and link it to their driver's license (DL). A law enforcement officer or first responder who can locate a driver's license at an accident scene can contact the Department of Motor Vehicles to obtain the emergency contact (ER-Cont.) data. If no license is available and the vehicle occupants are unconscious or otherwise unable to communicate, notifying the family can be a challenge. ER-Cont. information is only available to police at a crash scene in the state of Florida.
NLETS, the National Law Enforcement Telecommunications System, can interface with Department of Motor Vehicle sites across the country and obtain emergency contact information, but only if it is linked to a vehicle identification number (VIN) and with the driver's consent. However, medical data cannot be collected, stored, accessed, or shared via NLETS, which can cost critical time in gaining access to critical healthcare data, such as allergies, blood type, and other medical data. Such data can save lives or improve the quality of life after a life-threatening event.
As will be addressed throughout this disclosure, attributes contain information about a subject (also known as an actor). A subject's digital ID has a limited number of identity attributes that can be classified as authenticated attributes, such as one's legal name, address, zip code, age or date of birth, some of which may be listed on a title or driver's license, or as inherent trait features such as eye color, gender or birthplace, by way of example. A subject can also have acquired, associated or professional-title attributes (lifestyle or celebrity status, a self-asserted social media name, purchasing behavior, medical or banking activity/profile), which can change easily, whereas personal core trait attributes most likely do not change.
Once validated and authenticated with a digital ID coupled with authenticated and non-authenticated attributes that carry a high trust level of assurance, or with a public key certificate in good standing, a person's (subject's) authenticated identity can be enhanced with other attributes that originate from an Attribute Certification, currently recognized as a certified Identity Provider (IdP). The IdP provides an identity proofing process in which one's authentication privilege is created and extended to provide ‘certified binding attributes’ that link to a user's primary mobile computing device or ‘hub’, such as a smartphone or laptop, that is user controlled for managing activities such as access control, secure email, access privileges and associated relationships. As a result of the security and auditing process incorporated into Authenticated Attribute Certification, there is a strong privilege management policy monitoring effort, a risk management process and an attribute/certificate revocation process. Entities, institutions, exchanges, enterprise servers and the environment (defined as ‘objects’) can also have attributes, which are represented by defined and tagged alphanumeric characteristics, bar/QR codes and functions. Authenticated attributes can be used to establish an identity; attribute certificates (certs) cannot be used to establish an identity but are used to extend the attributes of one's identity. The foregoing is in concert with NIST guidelines.
Anonymization and Pseudonymization are specific de-identification processes that fulfill the intent of HIPAA 1996 and the HIPAA omnibus rules of January 2013. For a user to have Anonymity or Pseudonymity, they first must be known electronically by a trusted third party and have a verified and validated identity. Anonymization is the process that removes the identifying characteristics (defined by HIPAA as Protected Identifiable Information (PII) and Protected Health Information (PHI)) associated with protected health/clinical information and generates a not-so-unique health data set. The value of this is that it allows a subject/patient to make a part or subset of their clinical data (PHI) available for a range of secondary purposes without anyone having to access identifiable clinical information. The same applies to health insurance information that is represented by PII. Such data will be made available on a need-to-know or on an arranged basis, and the risk of identification is greatly minimized. The activity is handled through a trusted third party who attests to the validity of the clinical information. Pseudonymization is a specialized class of Anonymization that removes the association and then adds a new association between a particular set of data characteristics relating to the data subject, in addition to adding further pseudonyms. This is a means by which information can be linked to the same group of persons over time and across multiple data records without revealing the identity of the person or the subject data. A trusted third party plays a critical role if there needs to be a re-identification event in response to a major public health event. (Activities defined in HIPAA and HITSP.)
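The de-identification described above, written out as an added example that is not part of this disclosure: a hypothetical `TrustedThirdParty` strips the direct identifiers (anonymization), derives a keyed pseudonym so that records of the same subject stay linkable across visits (pseudonymization), and keeps the only re-identification mapping in escrow for an authorized request. The key, the identifier fields and the patient records are all constructed for the example.

```python
import hmac
import hashlib
from typing import Optional

# Identifying fields removed before any release (constructed list for this example).
DIRECT_IDENTIFIERS = ("name", "dob", "ssn", "address")


class TrustedThirdParty:
    """Hypothetical trusted third party: holds the pseudonymization key and the
    re-identification escrow; nobody else can recompute or reverse a pseudonym."""

    def __init__(self, secret_key: bytes):
        self._key = secret_key
        self._escrow: dict = {}  # pseudonym -> identifying attributes

    def pseudonym_for(self, record: dict) -> str:
        # Keyed hash over the normalized identity: deterministic, so the same
        # subject links across records, but unguessable without the key.
        identity = "|".join(str(record[k]).strip().lower() for k in DIRECT_IDENTIFIERS)
        return hmac.new(self._key, identity.encode(), hashlib.sha256).hexdigest()[:16]

    def anonymize(self, record: dict) -> dict:
        # Anonymization: drop identifiers and keep no linkage key at all.
        return {k: v for k, v in record.items() if k not in DIRECT_IDENTIFIERS}

    def pseudonymize(self, record: dict) -> dict:
        # Pseudonymization: remove the identity, attach a pseudonym, escrow the mapping.
        pseudonym = self.pseudonym_for(record)
        self._escrow.setdefault(pseudonym, {k: record[k] for k in DIRECT_IDENTIFIERS})
        released = self.anonymize(record)
        released["pseudonym"] = pseudonym
        return released

    def reidentify(self, pseudonym: str, authorized: bool) -> Optional[dict]:
        # Re-identification happens only on an authorized request (e.g. a public health event).
        if not authorized:
            raise PermissionError("re-identification requires authorization")
        return self._escrow.get(pseudonym)


# Constructed sample records; two visits by the same (fictional) patient, one by another.
RECORDS = [
    {"name": "Jane Doe", "dob": "1980-04-02", "ssn": "000-00-0001", "address": "1 Main St",
     "visit": "2015-03-01", "blood_type": "O-", "allergy": "penicillin"},
    {"name": "jane doe", "dob": "1980-04-02", "ssn": "000-00-0001", "address": "1 Main St",
     "visit": "2015-06-11", "blood_type": "O-", "allergy": "penicillin"},
    {"name": "John Roe", "dob": "1975-11-20", "ssn": "000-00-0002", "address": "2 Oak Ave",
     "visit": "2015-03-05", "blood_type": "A+", "allergy": "none"},
]


def release_pseudonymized(ttp: TrustedThirdParty, records: list) -> list:
    return [ttp.pseudonymize(r) for r in records]
```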
As the marketplace transitions to a digital economy, technical advances in mobile devices like smartphones and laptops, which are becoming a user's secure hub for managing their personal network of connected relationships, applications, devices and sensors, are opening up new frontiers of convenience, speed and transparency for consumers. Simultaneously, this has also resulted in privacy and security breaches in all markets, with healthcare in the lead, having over 25% of all patient accounts compromised in 2015. Consumers, in adopting digital technology, are recognizing that they are part of the solution and need to control and manage their identity, privacy and access to their personal data. They also recognize the beneficial value in using digital tools to enhance their safety and privacy by monitoring personal and related health activities, especially during untimely medical events.
There is a need to provide medical help for a patient using a smartphone. By way of example, if the patient is unconscious but has provided advance authorization and consent for a licensed health care provider to securely access and view health-related and protected health information, that information should be able to be shared with family, next-of-kin, friends, or others involved in the patient's care and emergency care when doing so is in the best interest of the patient, and in particular during a medical emergency situation where a smartphone provides timely access to patient medical information.
Therefore, it would be beneficial to provide a secure system and method for making both VIN and emergency medical data available on an as-needed basis to licensed emergency medical responders, in order that care be provided in a more efficient, safe, and secure fashion if such data can be voluntarily provided and stored in a secure and separate, non-law-enforcement repository, and linked to the NLETS secure infrastructure.