Posted 4:03 PM

Powering the Oracle

Nishant Kaushik jumps into the discussion about the Identity Oracle and outlines his ideas (derived from both Bob Blakley's original definition and Nishant's presentation at the recent Digital ID World). I won't even attempt to summarize Nishant's extensive description of the service, but one of his points did get me to thinking. He says the Oracle needs to:

• Provide a declarative Governance Model for how identity data is made available and consumed (fits in well with the IGF concept being discussed)
  
• Support for Identity Data Discovery by consuming parties (again, subject to the governance model)
  
• Support for providing Usage Constraints on the Identity Data to consuming parties
• Support for Privacy, Regulations, Compliance constraints

Now, when you look at that and put it in the same context as Microsoft's new HealthTrust web site, it occurs to me that a "Medical Identity Oracle" would be the ideal first place to start. In the US there are strong legal safeguards already in place for medical data as there are also in the EU. So that part would not have to be created from scratch. The technology itself is almost a no-brainer, because we're already building that "protect, but share" interface for hospitals, insurance compsanies, medical practices, etc. That leaves "only" one difficult part - convincing people to centrally store their medical data. I think it can be done, and I'm anxious for someone to give it a try...