ABSTRACT
The COVID-19 virus has been spreading worldwide on a large scale since 2019, and the most effective way to prevent COVID-19 is to vaccinate. In order to prove that vaccination has been administered to allow access to different areas, paper vaccine passports are produced. However, paper vaccine passport records are vulnerable to counterfeiting or abuse. Previous research has suggested that issuing certificates digitally is an easier way to verify them. This study used the consortium blockchain based on Hyperledger Fabric to upload the digital vaccine passport (DVP) to the blockchain network. In order to enable collaboration across multiple systems, networks, and organizations in different trust realms. Federated Identity Management is considered a promising approach to facilitate secure resource sharing between collaborating partners. Therefore, the international federal identity management architecture proposed in this study enables inspectors in any country to verify the authenticity of the DVP of incoming passengers using the consortium blockchain. Through practical construction, the international federal Hyperledger verification framework for the DVP proposed in this study has shown the feasibility of issuing a global DVP in safety analysis and efficacy testing.
ABSTRACT
BACKGROUND: Patient portals allow communication with clinicians, access to test results, appointments, etc, and generally requires another set of log-ins and passwords, which can become cumbersome, as patients often have records at multiple institutions. Social credentials (eg, Google and Facebook) are increasingly used as a federated identity to allow access and reduce the password burden. Single Federated Identity Log-in for Electronic health records (Single-FILE) is a real-world test of the feasibility and acceptability of federated social credentials for patients to access their electronic health records (EHRs) at multiple organizations with a single sign-on (SSO). OBJECTIVE: This study aims to deploy a federated identity system for health care in a real-world environment so patients can safely use a social identity to access their EHR data at multiple organizations. This will help identify barriers and inform guidance for the deployment of such systems. METHODS: Single-FILE allowed patients to pick a social identity (such as Google or Facebook) as a federated identity for multisite EHR patient portal access with an SSO. Binding the identity to the patient's EHR records was performed by confirming that the patient had a valid portal log-in and sending a one-time passcode to a telephone (SMS text message or voice) number retrieved from the EHR. This reduced the risk of stolen EHR portal credentials. For a real-world test, we recruited 8 patients and (or) their caregivers who had EHR data at 2 independent health care facilities, enrolled them into Single-FILE, and allowed them to use their social identity credentials to access their patient records. We used a short qualitative interview to assess their interest and use of a federated identity for SSO. Single-FILE was implemented as a web-based patient portal, although the concept can be readily implemented on a variety of mobile platforms. RESULTS: We interviewed the patients and their caregivers to assess their comfort levels with using a social identity for access. Patients noted that they appreciated only having to remember 1 log-in as part of Single-FILE and being able to sign up through Facebook. CONCLUSIONS: Our results indicate that from a technical perspective, a social identity can be used as a federated identity that is bound to a patient's EHR data. The one-time passcode sent to the patient's EHR phone number provided assurance that the binding is valid. The patients indicated that they were comfortable with using their social credentials instead of having to remember the log-in credentials for their EHR portal. Our experience will help inform the implementation of federated identity systems in health care in the United States.