More than a year into the COVID-19 outbreak and the lockdowns to slow the spread of the virus, one of the key factors to reopen the United States and some other countries may be a requirement for individuals to prove that they have been vaccinated against COVID-19. This “Proof” of vaccination is called vaccine credentialing and will likely be embodied in a paper or electronic certificate. We have discussed this extensively in a series of articles (see below). On the other hand, there are already systems of records that have a far more extensive vaccination history. There is a major concern here among public health officials that the push to minimalization with vaccine credentials will push aside fuller vaccination history. As part of their core function, Immunization Information Systems (IIS) already provide complete and comprehensive immunization records for the individuals whose records they hold either directly or through a clinical provider. In this article, we will address the similarities and differences between vaccine credentials and traditional immunization histories and offer some opportunities for public health to maintain its role in data access.
As we noted in previous posts, a key factor in ending the lockdown measures and reopening the United States and some other countries may be a requirement for individuals to prove that they have been vaccinated against COVID-19. “Proof” of vaccination will likely be embodied in a paper – or perhaps electronic – certificate whose source and contents can be independently verified to ensure validity. Uses of such a certificate may include international travel, and perhaps also regional travel (like what is being proposed in the European Union), admission to large venues such as sporting events or other entertainment, and even school or business admission.
For more than 20 years, a critical part of public health’s response is to operate a specialized form of electronic record software platforms known as Immunization Information Systems (IIS). One of the key capabilities of IIS is to consolidate data from many sources, primarily from electronic health records (EHR) systems as well as other clinical record systems. IIS also provide clinical decision support (CDS) by automating the complex clinical guidelines that determine which vaccine doses are valid and which may be due now or in the future for a patient. IIS contain a mixture of data from sites administering vaccines as well as historical data provided by clinical users for doses administered at other sites (e.g., a transcription of a paper immunization record that a patient might provide). In many jurisdictions, IIS are considered authoritative, legal sources of information for such purposes as school compliance, daycare, and camp admission. My company, HLN Consulting, supports IIS directly in New York City and Rhode Island, and also works with many other states to implement their IIS solutions in their state and local health facilities.
As part of their core function, IIS provide complete and comprehensive immunization records for the individuals whose records they hold either directly or through a clinical provider. These records are typically used for school/child care certification; summer camp and extracurricular program admission; and workplace vaccination certification. They also assist clinical care sites in ensuring that patients (and their guardians) understand their immunization status, and current and future immunization needs. Comprehensive immunization records are not the same thing as vaccine credential, and it would be inappropriate for vaccine credentials to seek to replace them.
Here is a quick comparison of these two approaches to vaccination records:
Attribute | Complete Vaccination Record | Vaccination Credential |
Data Set | Unlike vaccine credentials, IIS usually contain complete vaccination records with more complete information for each vaccination event. Reports vary in terms of the data they contain, and it often has to do with more than just the basic clinical events. | Part of ensuring privacy is insisting that as small a data set as possible is used to accomplish the intended purpose, similar to the US government’s “minimum necessary requirement” rule under the HIPAA Privacy Rule. In many implementations (including the SMART Health Cards Implementation Guide), this means that the demographic data is restricted to no more than the name and perhaps the date of birth of the credential holder, and for the doses administered just the vaccine code, date, and administering organization. |
Record Completeness | Unlike vaccine credentials, IIS reports usually indicate more than just the fact that a vaccination took place. They usually include a more complete vaccination record and note, based on detailed clinical decision support rules, whether a vaccination was clinically invalid and therefore should not be counted towards disease immunity for the patient. They also show vaccinations not yet administered but due for the patient now or in the future based on these rules. It is not enough to just show that vaccination events took place; they must be evaluated in their clinical context. This vaccine forecast for the patient is an important value-add for IIS to patients (and providers!). | A verifiable credential contains just the “raw” clinical facts related to immunization. It does not contain evaluation, judgement, or interpretation of those facts in any context. It is up to the verifier who uses the credential for a specific purpose to interpret what it means. Vaccine credentials, for instance, should not even indicate whether a dose of a vaccine is clinically valid (and therefore should not indicate the dose number in a series, like Dose 1 or Dose 2 of a COVID-19 vaccination). They certainly should not contain an immunization forecast of doses that might be due for the credential holder now or in the future. |
Data Presentation | These reports are typically printed by a provider for a patient (or by a patient directly), or downloaded as a PDF file by (or for) the patient. Some IIS (or the consumer applications that access them) have begun to show QR codes as a means to access the records but these are rarely compliant with the emerging World Wide Web Consortium (W3C) verifiable credentials standard to which many organizations working in this area aspire. | The majority of implementations of vaccine credentials are focused on smartphones. Smartphones are the most common consumer handheld computer device. They can be used to represent the credential itself as a Quick Response, or QR code, which is a form of two-dimensional bar code. In common practice, QR codes contain either all the data intended for use or a URL pointing to the location where that data can be found. Many believe as a matter of principle that all the data related to the vaccine credential should be contained in the QR code itself. Since a QR code can only hold a limited amount of data, this approach can add complexity by requiring that a longer vaccination record has to be stored across multiple QR codes. |
Privacy Protection | IIS try to ensure that no personal information or protected health information is visible or usable for any purpose other than the intended use. This means that a minimum amount of identifying information is typically on the report: usually just name, date of birth, and gender. | Vaccine credentials try to ensure that no personal information or protected health information is visible or usable for any purpose other than the intended use. In many implementations, this means that very little information is actually visible to any user, often including the credential holder (i.e., the consumer) as well! This often translates into support for a minimum data set. |
While all IIS provide access to patient immunization summary reports for clinical providers, an increasing number are allowing patients to access the IIS directly for these records. There are some barriers to doing this effectively, including legal/policy barriers in some jurisdictions; problems authenticating patients so they only see records for which they have authorization; and technical limitations in the capacity of some IIS to support yet another set of users trying to access data.
The challenge of giving Americans digital access to their health data is not new. For years, consumers have had to navigate difficult and arcane processes to get to their own records. These obstacles were often deliberately set up by health care providers to keep clients from easily switching to competitors. The 21st Century Cures Act was meant to correct this problem and the federal government set an April 2021 implementation date to improve consumer access to health information and to remove institutional “information blocking.” While public health registries are generally not subject to these new regulations, the healthcare community increasingly has set its expectations on gaining access to data that public health collects for the public good.
While public health systems like IIS may be the best source of information for consumers, as they are for healthcare providers, it may be more effective for them to rely on intermediaries to serve up vaccine credentials for them. The vaccine credential community is starting to refer to these entities as “proxy issuers” of credentials in that they get the data from reliable sources (like IIS) which do not have the technical infrastructure to provide true digitally-verifiable credentials. These proxy organizations provide that certification so long as they are trusted to do so. Working with proxy issuers may give IIS the opportunity to participate in vaccine credentialing more quickly and easily. This is essentially the architecture being used by NY State with their deployment of the IBM Excelsior pass.
A second opportunity for public health is to expand access to the vaccine evaluation and forecasting rules that drive most IIS (see earlier post: “It’s All About the Rules!”). These rules determine if vaccinations are clinically valid and predict vaccinations that may be due for the patient now or in the future. As discussed above, this information is very valuable to both clinicians and consumers. But the rules themselves are needed by the vaccine credentialing community to help determine if a credential holder’s vaccinations are in fact valid and appropriate. Electronic access to these rules could be provided by IIS to other systems through electronic interfaces that would allow these other systems to use these authoritative rules just as IIS do. For example, HLN supports an open source rules engine called ICE that is integrated into several IIS through a standards-based interface. These rules could just as easily be accessed by other systems to extend these services from IIS more broadly in the community while still allowing public health agencies to appropriately control the details of the rules themselves.
Previous posts on vaccine credential activities:
A Complicated Path Forward in the US (Part 1) – Potential Sources of Data (A discussion of the basic philosophy of the vaccine credentialing movement, including where data for use in a digital vaccine credential might come from in the US, IIS will likely be a major source of this data.)
A Complicated Path Forward in the US (Part 2) – Major Initiatives Underway (A review of the major vaccine credentialing initiatives that are currently underway worldwide, including VCI, CCI, the EU and WHO.)
A Complicated Path Forward in the US (Part 3) – Recommendations (Initial recommendations for how public health agencies in the US – federal, state, and local – should approach vaccine credentialing. Additional federal leadership would certainly be useful.)
WHO Interim Guidance (Comments on the Interim Guidance released by WHO for member countries in March 2021. Their recommendations are particularly unsuited for the US)
It’s All About the Rules! (for vaccine credentialing to be effective the issue boils down to the rules that are going to be developed and adopted to make the SVC’s usable. Many of these rules currently don’t exist so we will start by analyzing some key factors.)
Vaccine Credential Activities: Redirecting the Conversation for Public Health Registries (In this blog we issue more specific advice for public health agencies about vaccine credentialing to reduce confusion about what vaccine credentialing is and how it functions.)
Send us feedback about this blog