ID.me First to Meet New Digital Security Guidelines, Paving Path for Interoperability

ID.me has emerged as the first digital identity-verification platform to earn approval as a full credential service provider, meaning it meets new security criteria set by the National Institute of Standards and Technology. ID.me says the endorsement positions it as a potential facilitator of interoperability in healthcare.

The Kantara Initiative, a nonprofit group focused on trust in data, granted the 800-63 rev. 3 approval. It hinged upon ID.me meeting government guidelines for best practices, the backbone of the organization and other factors surrounding apps that deal with sensitive data. Healthcare providers, for instance, must use credentialing software that meets these guidelines if they are to electronically prescribe certain drugs, like opioids, and a coming interoperability framework is poised to recommend adherence to the standards.

>> READ: These Data Security Challenges Are Plaguing Healthcare

“To provide best-in-class capabilities to our partners, it’s essential to stay up to date with the industry’s strictest standards,” noted Mike Brown, ID.me’s chief technology officer.

ID.me is a “next-generation” digital platform that enables individuals and institutions to confirm their identities online. The technology fosters interactions between separate entities, guarding against fraud and identity theft.

Developers there are building a network on which users must verify their identity only one time in the ID.me ecosystem. The company compared the credentialing system to the driver’s license.

Perhaps no other industry — aside from government, ID.me’s other client base — has been hit harder by hackers than healthcare. The sector has suffered countless data breaches and, in some cases, saw cyberattacks impede or affect medical care. Patient data also sell for steep prices on the dark web.

As such, meeting the new guidelines means that ID.me has won a victory that could make it a major player in healthcare’s high-tech efforts, now and in the future.

“The opioid crisis and a growing demand for patient-directed data exchange have created a perfect storm for trusted digital identity in healthcare,” ID.me CEO Blake Hall said in a statement. “Securing the identities of prescribing physicians and the patients they treat is a critical step in fighting the opioid crisis, controlling costs and creating efficiencies in healthcare.”

The new security criteria step away from a reliance on usernames and passwords, many of which have been exposed and sold on the dark web. Instead, government leaders have moved toward “possession-based methods of authentication.” Driver’s licenses and passports might now be coupled with selfies to better defend against digital document theft.

ID.me plans to open up its approved, white-label technologies to government and healthcare next year.

The head of the Kantara Initiative called ID.me’s approval “a significant industry milestone and competitive advantage.”

Get the best insights in healthcare analytics directly to your inbox.

Related

What Increased EHR Accessibility Means for Cybersecurity

Why Sansoro Health Got $8M to Fuel Interoperability

2 Reasons Why Healthcare Must Achieve Interoperability