![]() ![]() Then users enter their name, date of birth, and zip code before verifying their identity.įrom there, the individual’s data - vaccination records and/or test results - is retrieved from state health sources and turned into a QR code. These are important because they remind us that “you are not providing protected health information for health care treatment, payment, or operations (as defined under Health Insurance Portability and Accountability Act (HIPAA).” The first thing a user does is visit New York state’s Excelsior Pass website, click “get started,” then read and agree to the Terms. In the case of Excelsior Pass, the client is the state of New York. IBM’s Digital Health Pass is an app framework that its clients customize. Popular Science spoke with Eric Piscini, VP, Emerging Business Networks, IBM Watson Health, who walked us through the security processes at work with the Digital Health Pass and New York’s Excelsior. With all due respect for the well-intentioned privacy and security concerns and criticisms about the Excelsior, it seems like there are some technical misconceptions around exactly how this system works. As we’ve been learning the hard way over the past several years, most are terrible at protecting your security and privacy, and will go to great lengths to avoid responsibility for their negligence. The rest of the responsibility falls on the app makers and data storers. Choosing a strong password and being vigilant about your security practices (not sharing your passwords, etc.) will always be crucial You’ll also want to know who is responsible for secure these data-protection pain points.įor instance, security on your app is partially on you. – How is my data secured while in transit between these three locations? – How is my data secured “at rest?” That is to say, where is it stored? Where does the app pull your data from and where is it sent? The first things to know when you’re assessing the privacy and security of most apps is to ask these two questions: How IBM’s platform runs New York’s Excelsior Pass The app only shares specific information. ![]() ![]() Worryingly, one reviewer said the app is “complicated to use and easy to fake.” Since these apps will soon be in use domestically and globally, IBM’s Health Pass deserves scrutiny before it earns our trust. The Excelsior Pass touts its privacy and security features - yet glosses over important details with buzzwords like “blockchain”. It’s an app similar to virtual boarding passes, but for vaccinated people who want to smoothly attend concerts, baseball games, and other events that require proof of vaccination or “all clear” test results before entering. New York is the first state to launch a digital vaccine “passport” for use at venues. That’s probably why New York’s Excelsior Pass - running on IBM’s Digital Health Pass platform - got negative press attention about its unanswered privacy and security questions at launch. So the idea of some random app having your medical info so you can go to a concert sets off the alarms, you’re not alone. If you’re like us, there might be one or two apps in the whole world you actually trust. Whether you decide to stay analog or go digital with this new state of affairs, these apps will be rolling out everywhere pretty soon and their user bases will likely grow quickly.ĭigital “vaccine passport” apps bring up some pretty thorny privacy and security issues. You can carry your CDC vaccination card or new test results with you everywhere you go - though that won’t be practical or safe for everyone. Large scale conversations and debates about digital “vaccine passports are already well underway.” New York state recently launched its own app, while governors in Florida, Texas, and Montana have issued orders against the use of vax passes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |