Identity and Trust in Healthcare IT

Well, we all know I am not one to let an opportunity for self-promotion to slide.  So it is strange that I didn’t announce this already.  But last night, I was asked to fill in on a panel called “Identity and Trust” at the 2nd Interoperability Forum sponsored by the Department of Health and Human Services’s Office of the National Coordinator for Health Information Technology

One of the dominant forces right now in both healthcare and identity management is blockchain. And I have a bit of experience working with blockchain based solutions and many of these are overhyped. I actually alluded to this briefly in a recent column. But in the case of identity management, I keep hearing echoes of previous stories.

The only important thing I said was a reminder to everyone of Greenspun’s Tenth Rule:

Any sufficiently complicated C or Fortran program contains an ad-hoc, informally-specified bug-ridden slow implementation of half of Common Lisp.

Philip Greenspun, c.1993.

I’ve modified this for identity management:

Any identity management system contains an ad-hoc, informally-specified bug-ridden slow implementation of half of OpenPGP.

Keep that in mind when you hype self-sovereign identity like it’s you invented it.