Details
-
Technical Correction
-
Resolution: Unresolved
-
Medium
-
Interoperable Digital Identity and Patient Matching (FHIR)
-
current
-
Patient Administration
-
Guidance on Identity Assurance
-
3.1
Description
The following text is unclear: "The levels articulated below and the systems of Identity Providers following this guidance SHALL be consistent with NIST 800-63-3 Digital Identity Guidelines except as specified otherwise in this guide."
Is the intent to require NIST 800-63-3 compliance in addition to this guidance? Then keep it a shall, but reword - it sounds like the levels are required to be consistent with NIST, not just systems, and maybe "be consistent with" isn't what we are after.
Is the intent just to note that the guidance here is consistent with NIST? Then remove the conformance verb, as there's nothing for implementers can do.