How to build trust in the source of incoming health data

Enabling seamless data exchange is built on the premise that you can trust both those sending the data and those who will receive it.



This is the third installment of an ongoing series on The Five Rights of Secure Health Data. Previously, we explained the need for these five rights and an open-source way to implement them. Our second article focused on what it means to have “The Right Data.” This article will focus on ensuring “The Right Source.” 


If you missed the first article (which you can read here), the Five Rights of Secure Health Data are the right data, right source, right role, right purpose and right route. 

How do you know you have the right source for incoming data? Alternatively, how can others trust that you’re the right point of origin for data you send? 

These questions can sound both easy to answer and relatively benign. However, in a recent conversation with an individual who is knowledgeable about the Trusted Exchange Framework and Common Agreement (TEFCA), it became clear to us that a major TEFCA roadblock comes directly from the difficulties underlying these questions. 

When some organizations participating in TEFCA receive a request for data on a patient, they may choose not to send PHI until they’re fairly certain about the requester. Why the hesitation? They worry about unintentionally running afoul of HIPAA. It all comes down to trust; how can they be sure the requester is both reputable and authentic?   

As contradictory as it sounds, the best way to ensure that trust is through a practice called zero trust. Even perfectly encrypted data is useless when it originates from an unverifiable or unauthorized source. To maintain the integrity and confidentiality of health data, organizations must ensure their data provenance.  

Data provenance refers to the history of data – its origins, additions, transformations, its uses over time and so on. When correctly established, this metadata layer of information, which is enabled by organizational identity, creates solid data integrity and transparency. Without it, the healthcare ecosystem cannot hope to scale safe, effective patient care in an increasingly digital care setting.  

Without the ability to get absolute certainty, to prove the data, zero trust isn’t much more than a marketing term. Thankfully, when it comes to chasing data provenance, healthcare need not reinvent the wheel.

The global effort to prove the data

Following the 2008 financial crash, it became readily apparent that the global financial watchdogs failed to accurately identify parties involved in transactions on a global scale. As a result, the G20 established the Global Legal Entity Identifier Foundation (GLEIF), a supra-national not-for-profit organization headquartered in Basel, Switzerland. GLEIF’s purpose is to establish a non-jurisdictional, global organizational identity framework. 

And while that may not sound like the most exciting or earth-shattering work, consider that the lack of this framework contributed to the cascading failure of the global economy during the Great Recession. Through GLEIF, the Legal Entity Identifier (LEI) and its digitally secure counterpart, the vLEI (verifiable LEI) were born. 

The implications of what GLEIF has quietly accomplished reach far beyond the financial sector. For the first time, the world has access to a framework for organizational ID that can be cryptographically trusted. This represents a milestone in the march towards a more secure internet. If we seize the moment, it also means a more secure healthcare ecosystem. 

The vLEI enables organizations to use non-repudiable digital signatures on their data exchange. What that jargon-filled sentence means is that — when done properly — using the vLEI verifies that both the sender and recipient of the data are actually who they claim to be. In other words, businesses can now prove their data. 

The value of proving the data comes in three major ways:

  • Preventing data tampering. Strong assurance that the source of data is authorized prevents the sort of unauthorized access that leads to ransomware and theft.
  • Maintaining data integrity. Identifying the source is essential for understanding additions to, or the context of, critical clinical data used in care settings.
  • Building trust. Ironically, never trusting and instead always verifying a source of data is key to building secure relationships digitally. The integrity of data sources is essential for making critical health decisions. Providers, clinicians, payers and even patients need access to data they can trust without hesitation.
Verifying the right source

Verifying the right source involves several mechanisms and technologies designed to authenticate identities and validate their authority to handle specific data. Here are the key methods currently in use.

Digital certificates. Traditionally, digital certificates have been used to verify the credentials of a device or user, similar to a passport, but for data. However, conventional certificate authority (CA) systems have vulnerabilities, such as the risk of issuing certificates to fraudulent actors. CAs even risk being hacked themselves.

Blockchain technology. Much has been said about blockchain in healthcare. Proponents argue that by leveraging blockchain, data transactions can include verification of the source through immutable records that are difficult to fake. Truthfully, blockchain technology does represent a move in the right direction, but the requirement for all participants to use the same chain to achieve any security gains presents a serious limiting factor.

New cryptographic protocols. Open source, open standard protocols like KERI (Key Event Receipt Infrastructure) provide mechanisms for verifying data integrity and source without reliance on third parties, offering the security gains of other technologies, without requiring all parties to agree on which blockchain to use.

Real-world applications and challenges

In healthcare, verifying the right source simplifies patient data management, for example when a hospital in one state wants to verify a far-flung clinic’s authenticity before allowing access to PHI.

As our national “network of networks” continues to come online, health systems’ ability to check the right source every time becomes increasingly important. Checking this right, along with the other four, on every data transaction provides an essential security layer that our embattled industry is sorely lacking.

In the next article, we will explore "the right role," diving deeper into ensuring that only authorized personnel interact with sensitive data.

Jared Jeffery is a Fellow of the American College of Health Data Management and CEO of healthKERI. Philip Feairheller is CTO of healthKERI.
