You are here: Resources > FIDIS Deliverables > Interoperability > D4.10: Specification of a portal for interoperability of identity management systems > 
Activity Chart  Foreword
APPLICATION OF THE ACTIVITY CHART IN PRACTICE		  Support guidance

 

Application of the Activity Chart in Practice

The Activity Chart discussed earlier has been expanded into more detail as shown in Figures 5 and 6. Each part of the chart has been subdivided into Steps and Step 1 has been further divided into Processes. The steps are those that need to be considered when performing identity management activities. 

If any of the boxes on these diagrams are selected on the digital version of the Activity Chart, a hyperlink will take the user to the appropriate part of the portal where support or guidance notes will be provide assistance to enable the user to complete a particular task. References will be made to the relevant parts of FIDIS deliverables. 

Each process box has been given a unique reference, e.g. P1.1, which will enable cross- reference to a Check-list that will be provided. 


Figure 5: Step 1: Identity Management Processes 


Figure 6: Steps 2 – 5 

Brief descriptions of typical activities that need to be performed in each box are provided for each step in the Activity Chart. Where appropriate, examples have been taken from e-Health applications. 

 

Step 1: Identity Management Processes

Process 1: Specify Requirements

P1.1: Define Assignment 

  1. Specify e-Health or application of interest 

  2. Specify aspects of identity that need to be included 

  3. Describe other  stakeholders involved

  4. Detail previous experience to be included  

 

P1.2: Set Boundaries 

  1. Define scope of assignment 

  2. Define time-scale 

  3. Determine resource requirements: 

    1. Personnel 

    2. Finance 

 

P1.3: Identify Controlling Factors 

  1. Check legislative requirements 

  2. Determine financial limits 

  3. Specify requirements of each stakeholder 

 

P1.4: Develop Conceptual Model  

  1. Prepare process models & information maps 

  2. Specify security requirements 

  3. Specify software requirements: 

  4. Development of software with: 

    1. Links to internal software 

    2. Links to external software 

 

Process 2: Define Processes

P2.1: Specify Identity Activities 

  1. Patient lifecycle 

  2. Healthcare delivery 

  3. Medical records 

  4. Relevant research projects 

 

P2.2: Develop Identity Processes and Procedures 

  1. Primary care 

  2. Secondary care 

  3. Tertiary care 

  4. Interfaces between stakeholders 

  5. Security procedures 

 

P2.3: Develop Management Processes and Procedures 

  1. Local governance  

  2. Regional governance 

  3. National governance 

  4. EU international governance 

  5. Within and between stakeholders 

 

P2.4: Specify Audit, Monitoring and Compliance Procedures  

  1. Select audit points 

  2. Specify monitoring and auditing procedures 

  3. Ensure compliance 

 

Process 3: Specify Stakeholders

P3.1: Specify Stakeholders 

  1. Health departments  

  1. Health authorities 

  2. Doctors’ surgeries 

  3. Hospitals 

 

P3.2: Agree Identities to be Created, Shared or Exchanged  

  1. Personal 

  2. Locational 

  3. Medical 

  4. Biological 

 

P3.3: Specify Roles and Responsibilities 

  1. Ensure legal obligations 

  2. Maintain all records 

  3. Ensure security of information 

  4. Perform staff training 

  5. Manage procedures within and between stakeholders 

  6. Ensure compliance 

 

P3.4:  Specify Processes and Procedures

  1. Identity procedures within & between stakeholders 

  1. Rules, regulations, statutes & directives 

  2. Investigation procedures 

  3. Training procedures 

 

P3.5: Specify Security and Matching Check Measures 

  1. Specify security in all parts of software and manual systems 

  2. Specify matching checks for all types of identity 

  3. Specify tolerances 

 

Process 4: Information Management

P4.1: Information 

  1. Personal details 

  2. Location details 

  3. Next of kin details 

  4. Medical details 

  5. Biological details 

  6. Stakeholder details 

 

P4.2: Duty of Care 

  1. Ensure legal obligations 

  2. Maintain all records 

  3. Ensure security of information 

  4. Perform staff training 

  5. Manage procedures within and between stakeholders 

  6. Ensure compliance 

 

P4.3: Processes and procedures 

  1. Identity procedures within & between stakeholders 

  2. Comply with rules, regulations, statutes & directives 

  3. Investigation procedures 

  4. Training procedures 

 

P4.4: Enabling Technologies 

  1. Profiling 

  2. Interoperability 

  3. Forensics 

  4. High Tech ID 

  5. Mobility 

 

P4.5: Audit and Control 

  1. Specify audit points 

  2. Specify monitoring & auditing procedures 

  3. Ensure compliance 

 

Step 2: Specify Identity Types

I2: Personal identity 

  1. Name  

  2. Signature  

  3. Insurance number 

  4. Citizen Service Number 

  5. Passport 

  6. Nationality 

 

I2: Biological Identity 

  1. Gender 

  2. Iris print  

  3. Fingerprint 

  4. DNA 

  5. Voice 

 

I3: Situational Identity 

  1. Qualifications 

  2. Profession 

  3. Employment 

  4. Travel 

 

I4: Locational Identity 

  1. Address 

  2. Electoral Roll  

  3. e-mail address 

  4. Business address 

 

Step 3: Specify Identity Technologies

T1: Profiling 

  1. Vast amounts of data have to be processed 

  2. Analysis of databases needs to be performed 

  3. Protect privacy 

 

T2: Interoperability 

  1. Sharing & exchanging information  

  2. Specify stakeholders and their roles and responsibilities 

  3. Communication network 

  4. Security 

 

T3: Forensics 

  1. Analysis of ID crimes  

  2. Accuracy of tech devices  

  3. Integrity of data 

  4. Forensic profiling 

 

T4: High Tech ID 

  1. PKI  

  2. Biometrics 

  3. Electronic signatures 

  4. RFID 

 

T5: Mobility 

  1. Law, technology & sociology aspects  

  2. Mobile devices, smart phones, smart cards 

  3. Location Based Services  

 

Step 4: Specify Identity Lifecycle

L1: Creation 

  1. Collection and correlation 

  2. Digital representation 

  3. Accuracy 

  4. Completeness 

  5. Authenticity 

  6. Uniqueness 

 

L2: Storage 

  1. Devices 

  2. Volumes 

  3. Security 

  4. Duplication & back-up 

  5. Access 

  6. Protect against copying for fraudulent activities 

 

L3: Matching Check 

  1. Digital Identities to be checked  

  2. Accuracy of checks 

  3. Verification 

  4. Checking authority 

 

L4: Maintenance 

  1. Authorization of updates 

  2. Updating all databases 

  3. Ensuring synchronization 

 

L5: Deletion 

  1. Authorization of deletion 

  2. Deletion from all databases 

  3. Archive all deletions 

 

Identity Applications

e-Government 

Applications include: 

  1. Vehicle registration 

  2. Social benefits 

  3. Passports 

 

e-Health 

Applications include: 

  1. Medical records 

  2. Medical insurance  

  3. Healthcare provision 

 

e-Commerce 

Applications include: 

  1. Banking services 

  2. Online purchases 

  3. Payment of bills 

 

 

Activity Chart  fidis-wp4-del4.10.specification_of_a_portal_for_interoperability_of_identity_management_systems.sxw  Support guidance
6 / 12