Monty Flinsch

Today I’m thinking about identity. This is a result of attending the Health2.0 discussion this morning and listening to David Recordon speak about Open ID and XFN (the XHTML Friends Network). All of the social applications here at Web2.0 Expo rely in some part on the user providing and agreeing to share their personal information. Are there standards for the data? How will it be shared? And most importantly, how secure is it? When I give PageFlakes my Gmail username and password to get my mail in a handy little AJAX box on my personal start page, are those credentials safe? Shouldn’t I worry about this at least a little? Would that I could authenticate against a central, trusted identity partner and then provide security tokens to those applications requesting credentials.

This idea is rapidly becoming a reality thanks to OpenID and OAuth. Having a single, trusted identity and a permission granting service is key to taking social media past sharing personal social information to sharing personal private information such as medical data. As a healthcare industry web geek I’m worried about how patients will access and share their medical information.

I’m not sure the public identity standards efforts are quite at the level needed for medical information. Today’s Health2.0 discussions suggested a growing market for medical social media services, all of whom rely on users sharing their data. Maybe not their HIV status, but certainly a summary of their basic health conditions. In order for my social network to build my network associations, it needs to know how to limit the possibilities, limits based on personal information.

Disease support groups come to mind as a super easy application. Why search for people when they could easily be found for you based on condition and some other limiter like location. We’ve been looking at the disease support group concept for a while at work and we keep running up against the data privacy/HIPAA question when it comes to hosting and specifically sharing our patients’ personal information. To date we’ve pushed the activity a step away from us by directing people to a third-party service provider. I feel badly about that. I can’t guarantee that they will have a good experience with that provider, nor do I have any control over the integrity and privacy of their information.

I’m wanting an independent service, run by a non-rofit, and overseen by consumer and industry representatives to manage the storage of my private information. At the very least there should be open and robust standards for how we deal with the data privacy and ownership issues. I also want an open source, open standard for electronic medical records let’s call it MXML for the moment. It bugs me that my most personal and intimate information is currently locked away in a variety of vendor-supplied proprietary systems that I can’t access without jumping through huge hoops.

So I’m a hippie, and that’s a good thing. I should control my identity, the information associated with it and my data should be mine and be portable. Hello dataportability.org.

I’ve noticed an emerging culture at the web conferences I’ve attended over the past couple of years. There are the usual conference inhabitants: sales reps, booth babes/boyz, swag hounds and earnest newbies. These folks are ubiquitous at all conferences these days regardless of the industry. But the web world has it’s own special species, some of which I’ve been able to identify at Web2.0 Expo this week.

1) The Uber Geek - Dress is intentionally deconstructed, t-shirt from failed start-up required, MacBook Pro covered with stickers, knows more about just about anything related to the underlying technologies powering the web than you do. Extra points for skateboarding through the expo hall. These guys make the products but you can’t talk to them unless you are a real hacker. Doesn’t use Twitter, wrote the framework Twitter relies on.

2) The Blogocrat - Shaved head, goatee, MacBook Pro with custom cover. Black shirt, jeans, nerd glasses. Knows everyone, actually uses Twitter for more than journaling trips to the restroom. Works from home/airport and probably has a better handle on what’s going on than the editors of Information Week.

3) The Re-Tread - Enterprise software sales slime now with Web2.0 features added. You know the guys, they sold your company $30M worth of ERP/BPO software in the early 90s and now want to sell you an underlying network service architecture to make the box of parts they sold you last time come closer to working. Company logo polo shirt, $100 hair cut, golf slacks, loafers with tassels and no socks. These guys are your best friends as long as you control corporate money. Loves his Dell Laptop, wants you to join his LinkedIn network so he can have a TweetUp with you.

4) The VC - Or is he? - Blue blazer, open collar dress shirt, dockers, loafers with socks, really good hair.  Shiny new MacBook Air.  Has the secret to monetizng Twitter, just can’t share it with you, yet.  Wants to reach out to a larger market and will talk to you as long as you have knowledge or potential.  Says things like “As a VC you don’t want to know what I’m thinking”.  May be real, may be Memorex.  This guy just might fund your startup so you have to take him seriously.  Follow him on Twitter

Have you noticed any other outstanding types, want to help catalog these rare species? Leave a comment…