INTEROPen Presents: Staff Access Hackathon

Join us for this NHSX-sponsored hackathon focusing on Identity, Digital Staff Passports, Access Management together with Authorisation and Authentication to help join up care by providing patients and professionals in all care settings with better tools to allow secure access and to improve staff management processes.

With masterclasses prior to the event and workshops, demos and a variety of elective learning sessions throughout the 2 days, this event is for all those interested in learning about, testing and developing the capabilities and tools that will enable patients and professionals involved in their care to share data in a safe and secure manner.

THEMES:

- Identity

- Digital Passports

- Single sign-on

- Access Control

- Issuing and verifying credentials

Please note that, to ensure fair representation from across the health and care ecosystem, we may limit the number of hack participants per external participating organisation to 4. This number may increase closer to the time of the event.

OBJECTIVES:

• Bring together ALBs, local bodies, suppliers and developers from across the community to collaborate on technical building blocks and tools to help resolve challenges facing staff and patients with secure access to apps, APIs and data

• Build upon previous INTEROPen Hackathon use cases, such as sharing staff or patient vaccination status as a verifiable credential to a wallet/passport to support staff on-boarding or personalised patient care, and where the credential is based upon the Immunisation FHIR resource profile and dm+d standards (a specialised medication)

• Explore how Digital Passports and wallets based on the W3C specifications for Verifiable Credentials can provide a mechanism for staff or patients to hold and share verifiable digital versions of their credentials and attributes, coupled with the use of devices and verifiable credentials for multi-factor authentication and single sign-on based on OpenID Connect

• Reduce the time it takes for staff to be on-boarded, to be given access to all the workforce and clinical applications they need, and be able to log in and out of them quickly

• Compliance with assurance requirements, and improving staff and patient experiences by reducing the dependence on passwords

• Demonstration of options for scalable solutions with the potential to meet and improve staff and patient user journeys that are all too often fragmented

• Explore integration of central services such as NHS Identity and ESR with local provisioning services to improve onboarding and end-user experiences

• Explore integration of NHS Login with locally commissioned PHRs and apps that support personalised care objectives

• Provide employers and other bodies with insights and building blocks for issuing/receiving verifiable credentials with staff or patients

• Explore architectural and technical connectivity hurdles, with the opportunity to produce first-of-types

Please also feel free to discuss any additional objectives you may have that you feel would enhance the list.

PREPARATION:

In keeping with INTEROPen values, all interested parties are invited to take part in planning awareness calls. Calls will aim to set out the scope and agenda for the hackathon, and to provide participants with the information to commence their hack plans. The calls will involve the use of Zoom, please ensure you have access to the latest version through your network connection provider for any calls you attend and in the hack itself.

All conversations, technical preparations and updates relating to this event will be shared in the Access Hackathon Forum on Ryver - INTEROPen's collaboration platform**

To help participants prepare for the hack further information will be provided over the coming weeks including:

- Actors and user journeys, covering staff and patient journeys of specific interest

- Access control policy requirements for cross-org data sharing

- Outline of toolkits to support participants, covering:

- Agents for issue & presentation of Verifiable Credentials

- Protocols for SSO to apps and access to APIs - OIDC and OAuth2

- PHR toolkit

- NHS Identity, for staff

- NHS Login, for patients

- Masterclasses: video presentations covering key topics and will be available to full hack participants a week before the hack proper.

The above is to be informed by planning discussions with participants due to take place every Thursday at 3.30pm. Joining details for these calls will be shared in the Access Hackathon forum on Ryver.

PROPOSED AGENDA:

(times tbc with details of breakout sessions to follow)

Pre-event

Master class videos

Day 1 - Monday 21 September

09:00 - Registration and participant set up

10:00 - Welcome from INTEROPen and Introduction

10:15 - User Needs/User Journeys/I&AM architecture + PBAC/RPA

11:00 - NHSx update on Architecture and Standards

11:15 - Verifiable Credentials overview

11:45 - **Comfort break**

11:55 - Standards-based logons to clinical systems

12:15 - Toolkit and prep

12:45 - Workgroup discussion and placement

13:00 - Water cooler regroup

13:10 - **Comfort break and time for lunch**

13:40 - Hack and ongoing presentations

16:50 - Water cooler regroup and Wrap up Day 1

17:00 - Close

(Virtual networking will be available if there is demand)

Day 2 - Tuesday 22 September

08:30 - Registration and gather at the watercooler

09:00 - Hack with concurrent elective sessions

13:00 - Water cooler regroup

13:10 - **Comfort break and time for lunch**

13:40 - Hack with concurrent elective sessions

15:00 - Presentation preparation and registration

15:30 - Post-Hack Presentations

17:20 - Watercooler networking and awards

17:30 - Close and return travel!

WHO SHOULD ATTEND…

THE HACK - Days 1 and 2 (including post-hack session)

Sign up for the full two-day hackathon experience if you are an implementation lead, software engineer, developer, product support analyst, implementation consultant, interface manager or product owner

POST-HACK PRESENTATIONS - Day 2 from 15:00

Sign up for the post-hack presentations and networking if you are a CIO, CCIO, CEO, CMIO, digital transformation lead, IT manager, LHCR/GDE lead, or a care professional with an interest in health informatics.

We look forward to seeing you there!

Team INTEROPen

*ticket charges will be refunded on attendance

**to access Ryver, you will need to be a member of INTEROPen (to ensure GDPR compliance). To become a member, please complete the online joining form at www.interopen.org/join