The pandemic has caused a rapid shift towards online services across the economy, and healthcare is no exception. But there are still few standardized ways to present and consume identity information online and in-person with confidence, while respecting the rights of individuals, including their privacy.
A new standard from the CIO Strategy Council aims to change this. The standard, CAN/CIOSC 103-2, specifies minimum requirements for user-centric health networks that bind a patient’s identity to a set of digital credentials to facilitate secure access to services.
The standard provides the basis for implementing a user-centric, interoperable health network for the delivery of healthcare services. It includes provisions associated with user agency, data standards, privacy, consent, identity re-use and identity federation governance.
This standard builds on CAN/CIOSC 103-1, which was published in 2020 and sets out the fundamental requirements for digital trust and identity systems.
“Digitization of health care and the secure access to healthcare data has never been more critical. It enables the goals of patients, providers, and payers across the industry to securely access critical information and improve health outcomes. Standards like 103-2 will enable acceleration, while also creating an opportunity for the next generation of intellectual property in the healthcare sector.” – Mike Cook, CEO, IDENTOS
“From the patient’s perspective, electronic access to personal health information can be a challenge with the patchwork of digital tools, portals, and apps that exist today. Each of these digital tools requires unique registration processes and distinct usernames and passwords creating a frustrating experience for some of our most vulnerable patients. With this standard, healthcare organizations are beginning to benefit from the success of digital services like the Ontario trusted account – a digital identity service that allows patients to prove their identity online, just as they would in person using their health card or driver’s license, to seamlessly and securely access health information and services.” – Sonali Kohli, Vice President, Diagnostics and Chief Information Officer, Niagara Health
“Nothing is more personal than your health. Canadians, rightly, expect that their information will be well protected by healthcare providers, but they also want fast and convenient access to care online. This new standard is the result of input from a broad range of stakeholders and will provide a firm basis for innovation in the sector that respects patients’ privacy rights.” – Keith Jansa, Executive Director, CIO Strategy Council and member of the Ontario Health Data Council
Download the Standard
CAN/CIOSC 103-2 is available to download from the CIO Strategy Council website.