Author: Adrian Gropper, MD (HealthURL)
I’m a pioneer in the use of Web protocols in healthcare. The company I founded and launched out of Massachusetts General Hospital in 1996 is arguably the first large-scale use of Web protocols in radiology. Currently, I’m CTO of Patient Privacy Rights and an expert in personal health data on the Web, including issues related to patient ID and authorization practices for RESTful APIs to private data resources. I have deep experience in many of the current standards and policy initiatives including Kantara UMA, OpenID HEART, and the board of IDESG. I have also led the submission of a Web-standards-based submission to the HeroX Patient ID Challenge http://bit.ly/ID-Challenge
The topic I would like to lead discussion on is Self-Sovereign Support Technology. I have helped develop of a proof of concept demonstration of this using health records management as the example https://www.youtube.com/watch?v=QX2JbYg2TZI I have also facilitated numerous sessions at IIW and Rebooting the Web of Trust on this topic. The IIW sessions yielded a list of requirements for sovereign technology https://medium.com/@sheldrake/defining-sovereign-technology-so-we-can-build-it-and-so-we-know-it-when-we-see-it-98ad77914025#.v69s9n58e and the beginning of a consensus on merging OAuth/UMA concepts for access control with blockchain concepts for identity, trust, and compliance management. At the recent Rebooting Web of Trust meetings, the role of blockchains for distributed identity and public ledgers relative to self-sovereign mobile and personal server technology was further elaborated in two sessions - a paper is forthcoming in the next few weeks.
Over more than two years of working to integrate blockchain and self-sovereign Web services, I have engaged numerous blockchain innovators and entrepreneurs including Blockstack, Consensys, Evernym, Yoti, and CommonAccord as well as leading edge Web projects in support of sovereign technology such as Freedom Box, MITRE ID Connect, and the HI:Project.
Re-decentralizing the Web requires an understanding of the interplay between mobile secure elements, personally controlled authorization and attribute servers and distributed identity, reputation, and compliance on the blockchain. The Blockchains and the Web conference is an opportunity to advance this vision and our proof-of-concept around personal health data.