I'm forwarding the message below to this list since it contains what I believe is extremely relevant information regarding identifiers, the number of identifiers a given provider may have with a given payer, and thus the implications for requirements/solutions for identifiers.
I've deleted the non-relevant portions of the message. My question to this group: is the assignment of several identifiers to a given provider common business practice? Rachel Rachel Foerster Rachel Foerster & Associates, Ltd. Phone: 847-872-8070 -----Original Message----- From: Hooser, Larry [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 1:24 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Web authentication for HIPAA Thanks for the thoughtful response. Pretty much the same principles I have. Further comment: We have possibly 25,000-40,000 providers needing access with an average of 4-6 ids each; that's 200,000+ users right off the bat. Requiring tokens, readers, cards, etc. in that fluid (staff coming and going, moving, etc.) environment would be costly, cumbersome, overhead intensive (as any "client" solution is), and very challenging - in my view; and I don't believe the software-only certificates add much or any value beyond strong, enforced passwords.