- By John Fraser, CEO of MEDNET

Last month, we discussed the benefit of Federated Identity Management or FIM (read more here). If you recall, Federated Identity Management is the sharing of an identity, carefully managed between different systems. Now lets look at some successful Federated Identity Management implementations:

Microsoft developed a single, sharable login called “Microsoft Passport” which was released in 1999. While in use by a fairly large amount of people, it has not been commercially successful. In fact, the product has been renamed 4 times, from Passport, to .Net Passport, then Microsoft Passport Network, but is now called simply “Windows Live ID”. The idea was to create a single login that could be shared between systems and vendors, but for many reasons, Windows Live ID is mostly used by web sites that are owned or controlled by Microsoft.

Another related effort to create a multi-vendor (vs. Microsoft’s single vendor) standard was the Liberty Alliance, formed in September 2001. Liberty developed the SAML2.0 specification which allows the setup and sharing of secure identities. While commercially successful, it has not been adopted by larger public web sites given its complexity. When security is critical, however, SAML2.0 and the Liberty standards have been considered “industrial quality”.

Liberty has now merged with a new organization called the Kantara Initiative. Kantara is a collaboration of the old Liberty Alliance and the newer OpenID and InfoCard efforts. Kantara has a health care identity assurance Work Group, which is working on a patient portal service to allow patients to access their providers over the new Nationwide Health Information Network, or NHIN.

The most successful, multi-vendor federated identity management system is OpenID, originally developed in 2005. With over a billon OpenID enabled accounts, the system is now owned by the OpenID Foundation, formed in June 2007. The goal of OpenID is to create a simple, easy way to log into many web sites using a single set of credentials. It has been adopted by thousands of web sites, including Sears, Kmart, FoxNews, AOL, Google, PayPal, MySpace, FaceBook, Microsoft, etc. Even the federal government is working to allow OpenID access to certain government services. OpenID’s biggest challenge is ensuring that identity providers are secure, and not the weakest link.

I believe that it’s just a matter of time until federated identity management, or FIM, plays a key role in health care, allowing providers, patients and others a fast, secure and easy way to access scores of services with a single ID. FIM is here to stay, and can be of great benefit to healthcare and the healthcare ecosystem.