There are numerous reasons organisations are interested in data sharing. However, deduplication is one of the most common reasons. This is the fourth part of a short series of posts looking at different options for data sharing especially for deduplication purposes.
Model 1, Model 2, and Model 3 are all centralised models. They assume the need for some variation of a central data layer which is ‘owned’, controlled or managed by one of the agencies involved. Model 4 moves us to towards decentralisation but is a bit of a hybrid model.
Model 4 seeks to give the person, about whom the data is, access to their data. Whereas Models 1-3 have centralised data layers and are centred around organisations. Model 4 starts with a different perspective, which changes things.
In this model, an organisation registers a person. As part of the registration process, they create a digital wallet for the individual into which they put a credential with the information they collect about the person. Therefore, both the organisation and the person have access to the information. The person can the information about them that they now have digitally, with whomever they wish.
In addition to the credential with the information, the registering organisation adds a second credential to the wallet – a community or response credential of sorts. This community credential is a unique number/identifier. Only one community credential can ever be written to the wallet. Think of it as a ‘membership’ number.
This unique community number is simultaneously written into a community registry that all agencies who are working together have access to. This communal registry is simple a record of the unique numbers. They identify a wallet and signify that a person exists connected to that wallet.
To prevent the person from having multiple wallets, the group of agencies working a location could agree to a ‘hashing’ process similar to Model 3. The hash can be part of the community credential so that uniqueness can be checked across the community. However, because the ‘hashing’ process is done by the registering organisation it cannot be reversed engineered (at the moment).
And where do these digital wallets ‘sit’? Assuming the people we work do not have a smartphone (it’s very rare), the wallets need to be hosted online. This can be done by the registering organisation or a supplier. However, the host has no access to the wallet at all.
While this model is more complex than the others, it does enable both organisations and the people about whom the data is to have access to it. It also enables deduplication within a specific ‘community’. And while the model appears complex, almost all the technology is easily available and proven.