Connecting Consumers: Common Framework for Networked Personal Health Information

CT2: Authentication of Consumers

This practice area addresses the following Connecting for Health Core Principles for a Networked Environment*:
6. Data quality and integrity
7. Security safeguards and controls
* "The Architecture for Privacy in a Networked Health Information Environment," Connecting for Health, June 2006. Available at: http://www.connectingforhealth.org/commonframework/docs/P1_CFH_Architecture.pdf.

Appendix C: Background on Connecting for Health

Connecting for Health, founded and operated by the Markle Foundation, with additional support over the years from the Robert Wood Johnson Foundation, is a public-private collaborative organization with representatives from more than 100 organizations across the spectrum of health care stakeholders. Its purpose is to catalyze the widespread changes necessary to realize the full benefits of health information technology (HIT), while protecting patient privacy and the security of personal health information. Connecting for Health is continuing to tackle the key challenges to creating a networked health information environment that enables secure and private information sharing when and where it's needed to improve health and health care.

Connecting for Health has produced the following documents that lay the groundwork for this current work product focused on consumer authentication:

  • Linking Health Care Information: Proposed Methods for Improving Care and Protecting Privacy (February 2005) – which describes an approach to matching patient records among disparate health care institutions. Available online at: http://www.connectingforhealth.org/assets/reports/linking_report_2_2005.pdf
  • Connecting for Health Common Framework: Resources for Implementing Private and Secure Health Information Exchange (April 2006) – which elaborates and defines a set of policy and technical elements necessary to enable secure exchange of health records among providers across the Internet, including a set of principles for privacy and fair information practices in a networked environment. The Connecting for Health Common Framework is composed of nine policy documents on topics such as privacy, notification, audit, and authentication of non-consumer users of the network, and six technical documents that elaborate technical specifications of a network approach based on those policies. Available online at: http://www.connectingforhealth.org/commonframework/index.html
  • The Architecture for Privacy in a Networked Health Information Environment (April 2006) – which describes a set of fair information practices that the Common Framework has endorsed to guide systems that support the exchange of personal health information. These principles are:
    • Openness and transparency: Consumers should be able to know what information exists about them, the purpose of its use, who can access and use it, and where it resides. They should also be informed about policies and laws designed to ensure transparency on how privacy is assured.
    • Purpose specification and minimization: The purposes for which personal data are collected should be specified at the time of collection, and the subsequent use should be limited to those purposes or others that are specified on each occasion of change of purpose.
    • Collection limitation: Personal health information should only be collected for specified purposes and should be obtained by lawful and fair means. Where possible, consumers should have the knowledge of or provide consent for collection of their personal health information.
    • Use limitation: Personal data should not be disclosed, made available, or otherwise used for purposes other than those specified.
    • Individual participation and control: Consumers should be able to control access to their personal information. They should know who is storing what information on them, and how that information is being used. They should also be able to review the way their information is being used or stored.
    • Data quality and integrity: All personal data collected should be relevant to the purposes for which they are to be used and should be accurate, complete, and current.
    • Security safeguards and controls: Personal data should be protected by reasonable safeguards against such risks as loss or unauthorized access, destruction, use, modification, or disclosure.
    • Accountability and oversight: Entities in control of personal health information must be held accountable for implementing these principles.
    • Remedies: Legal and financial remedies must exist to address any security breaches or privacy violations.
  • Connecting Americans to Their Health Care: A Common Framework for Networked Personal Health Information (December 2006) – which envisions a consumer-accessible data stream, consisting of electronic copies of personal health data that have been captured at various points on a network (e.g., doctor's offices, hospital systems, pharmacies and pharmacy benefit managers, labs, diagnostic imaging services, etc.). Available online at: http://www.connectingforhealth.org/phti/docs/ConsumerNetwork.pdf