Publications – Privacy
The Smart Card Alliance Identity Council developed this position paper to provide the Alliance interpretation and position on the OMB-defined levels of assurance.
This brief was developed by the Smart Card Alliance Healthcare Council to describe the benefits of smart cards for healthcare applications and to provide a comparison with magnetic stripe cards.
- Effective Healthcare Identity Management: A Necessary First Step for Improving U.S. Healthcare Information Systems
Government policy makers are looking carefully at the best ways to improve the efficiency of information systems in the healthcare industry. Much emphasis has been placed on the need for electronic health records for every American, and at ways to exchange those records at the regional, state and national levels. This brief was developed by the Smart Card Alliance Healthcare and Identity Councils to introduce the current problems with healthcare identity management, security and privacy, and propose leveraging existing federal standards and technologies already used in other government identity programs.
The new electronic passports (ePassports) include digital and physical security technologies that are integrated together to provide significantly higher levels of security. ePassports use advanced technologies that secure identities and new processes throughout the entire chain of trust – from manufacturing to use of the ePassport. This frequently asked questions (FAQ) document was developed by the Smart Card Alliance Identity Council to answer questions about how the ePassport works and what technology is used to protect an ePassport holder’s personal information.
This white paper was developed for healthcare CFOs by the Smart Card Alliance Healthcare Council to outline the key benefits and business case for using smart cards for healthcare applications. The white paper outlines some of the major challenges faced by healthcare CFOs and discusses how smart card technology can provide innovative, practical and cost-effective solutions.
- Healthcare Identity Management: The Foundation for a Secure and Trusted National Health Information Network
Policy makers are looking carefully at the best ways to improve our healthcare system with much emphasis being placed on the need for electronic health records for every American. This effort also includes creating an infrastructure to allow the exchange of these records at the regional, state and national levels. This paper introduces the current challenges and explains why identity management in healthcare is an essential and foundational element that must be made a priority by policy makers in order to achieve the goals of widespread use of electronic health records to support the secure and seamless exchange of healthcare information. The paper also recommends best practices for introducing a healthcare identity management infrastructure–one that provides the needed security and privacy controls that should be specified by policy makers.
The Smart Card Alliance developed this position paper to describe the issues with unique identifiers and discuss how smart cards can be used as authenticators when using unique identifiers.
This position paper describes key elements in the design of an identity management system that affect privacy and security and the benefits that smart cards bring to identity management systems.
This FAQ answers questions about privacy, security and smart card benefits for identity management systems.
Healthcare data breaches and medical identity theft are growing problems as the healthcare industry moves to electronic health records and health information exchanges. This brief describes the security and privacy issues that the healthcare industry is facing and advocates that the industry move to strong identity management practices and technology solutions to improve the privacy and security of health information systems and electronic health records.
- Personal Identity Verification Interoperability (PIV-I) for Non-Federal Issuers: Trusted Identities for Citizens across States, Counties, Cities and Businesses
This white paper was developed by the Smart Card Alliance Physical Access Council and Identity Council to describe the benefits of FIPS 201, PIV standards and PIV-I framework for state and local governments to enable interoperability and trust across different government issuers for a wide variety of identity credentialing programs. The white paper discusses policy, process and technology considerations related to the implementation of state and local government identity credentialing initiatives. The white paper summarizes important aspects of the current state of policy, process and technology and identifies opportunities to support additional work to further improve each through the use of the PIV-I framework and the PIV standard.
- Privacy, Identity, and the Use of RFID and RF-Enabled Smart Card Technology – A Smart Card Alliance Brief for State and Local Governments
State policy makers are looking carefully at the use of RFID technology in identity cards and the implications that holds for protecting privacy and personal information in identity applications and systems. This brief was developed by the Smart Card Alliance Identity Council to examine best practices for privacy-secure identity systems from the point of view of card technologies.
This white paper was developed by the Smart Card Alliance Healthcare Council to describe the value that smart cards deliver in a variety of U.S. healthcare applications. Developed as an educational overview for executives and senior managers in healthcare provider organizations, it reviews key challenges that the U.S. healthcare provider industry faces and examines the key drivers for implementing smart card-based systems to address these challenges. The white paper concludes with profiles of a number of organizations who are implementing smart cards illustrating the diversity of applications that are enabled by smart card technology and the business benefits that the technology delivers to healthcare organizations.
The Smart Card Alliance Identity Council developed this white paper to describe the benefits of combining smart card technology and strong credentials within the National Strategy for Trusted Identities in Cyberspace (NSTIC).
This frequently asked questions document was developed to answer questions about how smart cards work and how the technology is used to manage patient identity and protect a healthcare consumer’s personal information.
This white paper was developed by the Smart Card Alliance Physical Access Council to describe the benefits of combining smart cards and biometrics to enable strong verification and authentication of an individual’s identity. The white paper provides an overview of biometrics technology, discusses how it’s used for identification and verification, and describes the benefits of using smart cards and biometrics to enable strong verification and authentication of the cardholder’s identity. The white paper includes eight case study examples of identity verification systems that combine smart cards and biometrics, including the Singapore Immigration Automated Clearance System, the Canadian Airport Restricted Area Identification Card, Amsterdam Schiphol Airport workforce ID card, the University of Arizona Keyless Access Security System, the FIPS 201 Personal Identity Verification (PIV) card, the U.S. Department of Defense Common Access Card (CAC), the U.S. Transportation Worker Identification Credential (TWIC), and the electronic passport.
This white paper was developed by the Smart Card Alliance Healthcare Council to describe the benefits of smart cards to healthcare industry participants. The paper describes the challenges within the healthcare industry and the clear opportunities for the use of smart card technology for security and privacy in healthcare. The paper examines smart card use in healthcare today and suggests additional applications for consideration.
This white paper presents key encryption as a viable approach to safeguarding sensitive data in the public and private sectors, explores the use of Hardware Security Modules (HSM) and delves into effective key lifecycle management.