The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Cross-Enterprise Security and Privacy Authorization (XSPA)

XSPA Logo

XSPA Overview

The OASIS XSPA TC works to standardize the way healthcare providers, hospitals, pharmacies, and insurance companies exchange privacy policies, consent directives, and authorizations within and between healthcare organizations. The OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) Technical Committee will specify healthcare profiles of existing OASIS standards to support reliable, auditable methods of confirming personal identity, official authorization status, and role attributes. This work aligns with security specifications being developed within the U.S. Healthcare Information Technology Standards Panel (HITSP).

 

XSPA Profile of SAML 2.0 for Healthcare

This profile describes a framework in which SAML is encompassed by cross-enterprise security and privacy authorization (XSPA) to satisfy requirements pertaining to information-centric security within the healthcare community

 

Profile Development

Historical Timeline

 

Interop Demonstrations

 An 8-minute video overview is available for viewing covering the underlying reference technology developed for the HIMSS 2009 conference.

 

Related Documents

 Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of SAML 2.0 For Healthcare version 1.0.

Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of XACML 2.0 For Healthcare version 1.0.

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I