The White House has begun developing a strategy for securing online transactions and stemming identity fraud that pays particular heed to the importance of building a trusted arena for electronic healthcare transactions.
Howard Schmidt, the nation's cyber security coordinator, said this week that the administration wants to make online commerce more secure so that government, industry and consumers will feel comfortable doing more of their business on the Internet.
The plan to develop a strategy will focus on ways to improve identity management, Schmidt said at a May 11 conference on privacy and security sponsored by the Health and Human Service Department's Office of Civil Rights and National Institute for Standards and Technology.
As part of that effort, the administration will roll out a "trust framework" incorporating authentication technologies, standards, services and policies that government, industry and consumers could adopt.
"The key issue is that we have to instill trust in the system," Schmidt said. "If we don't trust the system, we won't use it and if we don't use it, we lose its [potential] benefits.
Schmidt cited new electronic medical devices used by or implanted in patients as among the factors increasing the urgency of his work. They include devices such as wireless pacemakers that can transmit data to a smart phone or computer system and directly into an electronic health record.
Identity management currently represents a diverse marketplace of vendor solutions and methods. But these approaches must also be interoperable, privacy-enhancing, voluntary, cost effective and easy-to-use, Schmidt said. That's especially true in the healthcare arena, where the push is on to encourage small practices and individual providers to adopt electronic health records.
"One-person physician offices have to be part of this system," Schmidt said. "They have to have the capacity to trust identity and to trust medical records and information because they don't have infrastructure and they don't have a CIO."
The president is "concerned and very committed" to making sure that as healthcare goes electronic that "we also have the right controls for security and privacy," Schmidt said.