… there is a clear view that the deployment of low level assurance identities is only a critical first step, not an end in itself. With the initial OpenID pilot, the administration is seeking to teach Internet users how to conveniently and confidently re-use their identities across multiple sites. Federation is a new behavior and as such, it requires training. Federal and State web sites will provide an important training ground of relying parties. … once consumers are comfortable using distributed identities, it becomes possible to alter the login experience by introducing stronger security and identity assurance. This is the ultimate end game since high assurance identity services are pre-conditions to new strategic initiatives.
He reports that there is broad understanding that identity management along the lines of OpenID is critical for many other initiatives, including health care:
To counter balance the $900B expense that the new Obama plan calls for, electronic health records must come to reality. However, eHealth requires access control across a large and complex ecosystem. Users must be able to register, login and access private data across physicians, hospital, pharmacies, labs, insurance, and employers Web sites.
And, I may add, it is clear that having separate usernames and passwords for each one of them is a non-starter. The fact that both Google and Microsoft are OpenID supporters and offer electronic health record-like software as a service could act as a very useful jolt to the health technology vendor cabal, too.
Interesting to see how this will shake out …