Skip to Main Content

insightsarticles

COVID-
19 laws and their impact on state public health agencies

By: Sarah Stacki,

Laura Hill is a Consultant with BerryDunn working in the State Government Practice Area. She specializes in public health. She has experience working with state and local government public health agencies, not-for-profit organizations, and healthcare systems on strategic planning and project implementation. In addition, she has specialized training and expertise in food security, outdoor play environments for children, and obesity prevention in children and teens.

 Laura Hill
04.16.20

Read this if you work at a public health department and would like a brief summary of how you can maximize funding and meet new federal requirements.

Unpacking the trillions

In response to the COVID-19 pandemic, several pieces of legislation were passed by congress and signed into law. The three bills, H.R. 6074 Coronavirus Preparedness and Response Supplemental Appropriations Act, H.R. 6201 Families First Coronavirus Response Act, and H.R. 748 Coronavirus Aid, Relief, and Economic Security (CARES) Act, have provided funding for various federal agencies with different roles in responding to the crisis. Because of the urgency required, much of the guidance for use of funds and reporting requirements were released after passage of the bills or have yet to be released.

Here is a brief timeline and summary of the acts:

Implication and next steps for state public health departments

While little guidance has been provided for how state public health departments should prepare to access federal funds, BerryDunn will continue to monitor and release updates as they become available. 

While at this point HR 6074 has the greatest implications for public health departments, here are some actions that states should take now for their public health programs from the recent legislation:

  1. H.R. 6074: Provides appropriations to the CDC to be allocated to states for COVID-19 expenses.
    • To ensure maximum funding, prepare a spend plan to submit to CDC.
    • To ensure compliance, provide CDC with copies or access to COVID-19 data collected with these funds.
    • To maximize the impact of new funding, develop a COVID-19 community intervention plan.
    • To support streamlined operations, submit revised work plans to CDC.
    • To prevent missed deadlines, submit any requests for deadline extensions to the CDC.
  2. H.R. 6201: Provides guidance specific to the Special Supplemental Nutrition Program for Women, Infants, and Children (WIC) programs.
    • To encourage social distancing and loosen administrative requirements, seek waivers through the USDA’s Food and Nutrition Service (FNS).
    • To ensure compliance, prepare to submit a report summarizing the use of waivers on population outcomes by March 2021.
  3. H.R. 748: Allocates $150 billion to a coronavirus relief fund for state, local, and tribal governments.
  • To secure funding, monitor the US Department of Health & Human Services (HHS) for guidance on using funds for:
    • Coronavirus prevention and preparation
    • Tools to build health data infrastructure
    • COVID-19 Public Health Emergency expenses
    • Developing countermeasures and vaccines for coronavirus
    • Telehealth and rural health activities
       
  • To ensure HIPAA compliance when sharing protected patient health information, monitor the US Department of Health & Human Services (HHS) for guidance.

For more information

For specific issues your agency has, or if you have other questions, please contact us. We’re here to help. 

Related Services

Consulting

Information Systems

Organizational and Governance

Related Professionals

BerryDunn experts and consultants

CYSHCN programs have new care coordination standards―how does your agency measure up?

On October 15, 2020, the National Academy for State Health Policy (NASHP) released new care coordination standards for Children and Youth with Special Health Care Needs (CYSHCN) programs. The National Care Coordination Standards supplement the National Standards for Systems of Care, helping to ensure that children and youth with special health care needs receive the high-quality care coordination needed to address their specific health conditions.

The standards also set requirements for screening, identification, and assessment, a comprehensive shared plan of care, coordinated team-based communication, development of child and family empowerment skills, a well-trained care coordination workforce, and smooth care transitions. 

What do the standards mean for CYSHCN programs

The National Care Coordination Standards are more than guidelines for CYSHCN programs; aligning with the standards can lead to operational efficiencies, greater program capacity, and improved health outcomes. The standards can serve as a lens for continuous improvement, highlighting where programs can make changes that reduce the burden on care coordinators and program administrators.

However, striving to meet the standards can be challenging for many programs—as the standards develop and evolve over time, many programs struggle to keep up with the work required to update processes and retrain staff. Assessing a CYSHCN program’s processes and procedures takes time and resources that many state agencies do not have available. Despite the challenge, when state agencies are the most strapped is often when making change is the most needed. A shrinking public health workforce and growing population of CYSHCN means smooth processes are essential. To take steps towards National Care Coordination Standards alignment, BerryDunn recommends the following approach: 

A proven methodology for national standards alignment

There are many ways you can align with the standards. Here are three areas to focus on that can help you guide your agency to successful alignment. 

  1. Know your program
    It can be easy for processes to deteriorate over time. Process mapping is an effective way to shed light on current work flows and begin to determine holes in the processes. Conducting fact-finding sessions to map out exactly how your program functions can help pinpoint areas of strength―and areas where there is room for improvement.
  2. Compare to the national standards
    Identify the gaps with a cross-walk of your program’s current procedures with the National Care Coordination Standards. We assess your alignment through a gap analysis of the process, highlighting how your program lines up with the new standards.
  3. Adopt the changes and reap the benefits
    Process redesign can help implement the standards, and even small adjustments to processes can lead to better outcomes. Additionally, you can deploy proven change management methodologies programs that ease staff into new processes to produce real results.

Meeting national standards doesn’t have to be complicated. Our team partners with state public health agencies, helping to meet best practices without adding additional burden to program staff. We can help you take the moving pieces and complex tasks and funnel them into a streamlined process that gives your state’s children and youth the best care coordination. 

Article
Using process redesign to align with new CYSHCN standards

Revolutionizing the way information is stored and received, blockchain is one of the most influential technologies of the past decade. Mostly known for its success with the digital payment system, Bitcoin, blockchain also has potential to transform the public sector, and further, the way citizens interact with government. Many states are considering this potential, but are stuck asking the most basic question: How can the public sector implement blockchain? The first step is to understand exactly what blockchain really is.

Blockchain—What is it?
At the highest level, blockchain is termed a Distributed Ledger Technology (DLT): data within a blockchain is not controlled by a single, centralized entity, but rather, is held by millions of systems simultaneously. This “chain” of systems, or DLT, not only decentralizes data, but also ensures it is incorruptible, as each “block” of data in the DLT connects using highly advanced encryption technology. Further, you can share each “block” without exposing the entirety of the blockchain’s data, enabling data sharing without compromising sensitive information. Blockchain’s opportunity lies in the core of its model, as being able to securely share records (containing sensitive information such as birth certificates, marriage licenses, property deeds, professional licenses, etc.), could connect different government services and create more efficient processes.

States across the nation are intrigued by the potential of blockchain, but unsure of just how to implement it successfully. Illinois, through the Illinois Blockchain Initiative, has been a leader in exploring blockchain’s possibilities in government. Here is some of their first-hand insight and advice.

Blockchain in Government—Illinois’ Perspective
Sunil Thomas, Cluster CIO, State of Illinois, assisted in the creation of the Illinois Blockchain Initiative in 2016, and is now a leader in testing and implementing blockchain technology across state services. BerryDunn connected with Sunil in August 2018, and he provided unique advice for other states considering a blockchain initiative.

Specifically, Sunil broke down the processes the Initiative used to advance the technology within the state, and shared three key pieces of advice for successful blockchain implementation:

  1. Host a statewide education campaign for blockchain to ensure all state leaders, including legislators, are equipped with a clear understanding of blockchain technology and its place in government. This education campaign may include extensive research into blockchain technology. Illinois, for instance, began their initiative by issuing a Request for Information (RFI) from vendors within the blockchain market. Additionally, Illinois collaborated with a local start-up that specializes in blockchain in order to gain subject matter expertise into blockchain development. 
  2. Initiate organized pilot projects to guide the direction of blockchain in the state and select what use cases should go through the full implementation process. At first, you should use blockchain projects to complement current state services. This ensures continuation of services, and allows for comprehensive transition time. Additionally, states should ask the questions: Why shouldn’t this service be delivered using a traditional solution?, and further, Why do we specifically need blockchain for this solution?, before each pilot. This will help you leverage the right services, with the greatest potential, as pilot blockchain projects.
  3. Create a statewide roadmap for blockchain to build an ecosystem that supports the technology. This “Blockchain Roadmap” should highlight a navigation plan for both state and federal regulations, and ensure that blockchain procurement strategies are understood. The roadmap can include a comprehensive cost-benefit analysis to determine a return on investment (ROI) for specific services considered for blockchain leverage. Overall, the roadmap will act as a guide throughout the entirety of the blockchain initiative, and will ensure the state’s vision for blockchain is achievable.

These key pieces of advice can provide a foundation for state’s looking to leverage blockchain to improve services; although each state should tailor blockchain technology to its specific needs. The Illinois Blockchain Initiative’s experience clearly demonstrates there is a way to navigate blockchain successfully in the public sector, and shows that the technology truly can assist in the transformation of government services moving forward.

Article
Blockchain in government: Advice from leaders at the Illinois Blockchain Initiative

Modernization means different things to different people—especially in the context of state government. For some, it is the cause of a messy chain reaction that ends (at best) in frustration and inefficiency. For others, it is the beneficial effect of a thoughtful and well-planned series of steps. The difference lies in the approach to transition - and states will soon discover this as they begin using the new Comprehensive Child Welfare Information System (CCWIS), a case management information system that helps them provide citizens with customized child welfare services.

The benefits of CCWIS are numerous and impressive, raising the bar for child welfare and providing opportunities to advance through innovative technology that promotes interoperability, flexibility, improved management, mobility, and integration. However, taking advantage of these benefits will also present challenges. Gone are the days of the cookie-cutter, “one-size-fits-all” approach. Here are five facts to consider as you transition toward an effective modernization.

  1. There are advantages and challenges to buying a system versus building a system internally. CCWIS transition may involve either purchasing a complete commercial off-the-shelf (COTS) product that suits the state, or constructing a new system internally with the implementation of a few purchased modules. To decide which option is best, first assess your current systems and staff needs. Specifically, consider executing a cost-benefit analysis of options, taking into account internal resource capabilities, feasibility, flexibility, and time. This analysis will provide valuable data that help you assess the current environment and identify functional gaps. Equipped with this information, you should be ready to decide whether to invest in a COTS product, or an internally-built system that supports the state’s vision and complies with new CCWIS regulations.
     
  2. Employ a modular approach to upgrading current systems or building new systems. The Children’s Bureau—an office of the Administration for Children & Families within the U.S. Department of Health and Human Services—defines “modularity” as the breaking down of complex functions into separate, manageable, and independent components. Using this modular approach, CCWIS will feature components that function independently, simplifying future upgrades or procurements because they can be completed on singular modules rather than the entire system. Modular systems create flexibility, and enable you to break down complex functions such as “Assessment and Intake,” “Case Management,” and “Claims and Payment” into modules during CCWIS transition. This facilitates the development of a sustainable system that is customized to the unique needs of your state, and easily allows for future augmentation.
     
  3. Use Organizational Change Management (OCM) techniques to mitigate stakeholder resistance to change. People are notoriously resistant to change. This is especially true during a disruptive project that impacts day-to-day operations—such as building a new or transitional CCWIS system. Having a comprehensive OCM plan in place before your CCWIS implementation can help ensure that you assign an effective project sponsor, develop thorough project communications, and enact strong training methods. A clear OCM strategy should help mitigate employee resistance to change and can also support your organization in reaching CCWIS goals, due to early buy-in from stakeholders who are key to the project’s success.
     
  4. Data governance policies can help ensure you standardize mandatory data sharing. For example, the Children’s Bureau notes that a Title IV-E agency with a CCWIS must support collaboration, interoperability, and data sharing by exchanging data with Child Support Systems?Title IV-D, Child Abuse/Neglect Systems, Medicaid Management Information Systems (MMIS), and many others as described by the Children’s Bureau.

    Security is a concern due to the large amount of data sharing involved with CCWIS systems. Specifically, if a Title IV-E agency with a CCWIS does not implement foundational data security measures across all jurisdictions, data could become vulnerable, rendering the system non-compliant. However, a data governance framework with standardized policies in place can protect data and surrounding processes.
     
  5. Continuously refer to federal regulations and resources. With the change of systems comes changes in federal regulations. Fortunately, the Children’s Bureau provides guidance and toolkits to assist you in the planning, development, and implementation of CCWIS. Particularly useful documents include the “Child Welfare Policy Manual,” “Data Sharing for Courts and Child Welfare Agencies Toolkit,” and the “CCWIS Final Rule”. A comprehensive list of federal regulations and resources is located on the Children’s Bureau website.

    Additionally, the Children’s Bureau will assign an analyst to each state who can provide direction and counsel during the CCWIS transition. Continual use of these resources will help you reduce confusion, avoid obstacles, and ultimately achieve an efficient modernization program.

Modernization doesn’t have to be messy. Learn more about how OCM and data governance can benefit your agency or organization.

Article
Five things to keep in mind during your CCWIS transition

Read this if you are a State Medicaid Director, State Medicaid Chief Information Officer, State Medicaid Project Manager, or State Procurement Officer—or if you work on a State Medicaid Enterprise System (MES) certification or modernization efforts.

You can listen to the companion podcast to this article, Organization development: Shortcuts for states to consider, here: 

Over the last two years, the Centers for Medicare and Medicaid Services (CMS) has undertaken an effort to streamline MES certification. During this time, we have been fortunate enough to be a trusted partner in several states working to evolve the certification process. Through this collaboration with CMS and state partners, we have been in front of recent certification trends. The content we are covering is based on our experience supporting states with efforts related to CMS certification. We do not speak for CMS, nor do we have the authority to do so.

What organization development (OD) shortcuts can state Medicaid agencies consider when faced with competing priorities and challenges such as Medicaid modernization projects in flight, staffing shortages, and a retiring workforce?

The shortcuts include rapid development and understanding of the “why”. This requires the courage to challenge assumptions, especially around transparency, to allow for a consistent understanding of the needs, data, environment, and staff members’ role in impacting the health of the people served by a state’s Medicaid program. To rapidly gain an understanding of the “why”, state Medicaid agencies should:

  1. Accelerate the transparency of information and use of data in ways that lead to a collective understanding of the “why”. Accelerating a collective understanding of the why requires improved communication mechanisms. 
  2. Invest time to connect with staff. The insistence, persistence, and consistency of leaders to stay connected to their workforce will help keep the focus on the “why” and build a shared sense of connection and purpose among teams.
  3. Create the standard that planning involves all stakeholders (e.g., policy, operations, systems staff, etc.) and focus on building consensus and alignment throughout the organization. During planning, identify answers to the following questions: What are we trying to achieve, what are the outcomes, and what is the vision for what we are trying to do?
  4. Question any fragmentation. For example, if there is a hiring freeze, several staff are retiring, and demand is increasing, it is a good idea to think about how the organization manages people. Question boundaries related to your staff and the business processes they perform (e.g., some staff can only complete a portion of a business process because of a job classification). Look at ways to broaden the expectations of staff, eliminate unnecessary handoffs, and expect development. Leaders and teams work together to build a culture that is vision-driven, data-informed, and values-based.

What are some considerations when organizations are defining program outcomes and the “why” behind what they are doing? 

Keep in mind that designing system requirements is not the same as designing program outcomes. System requirements need to be able to deliver the outcomes and the information the organization needs. With something like a Medicaid Enterprise System (MES) modernization project, outcomes are what follow because of a successful project or series of projects. For example, a state Medicaid agency looking to improve access to care might develop an outcome focused on enabling the timely and accurate screening and revalidation for Medicaid providers. 

Next, keeping with the improving access to care example, state Medicaid agencies should define and communicate the roles technology and staff play in helping achieve the desired outcome and continue communicating and helping staff understand the “why”. In Medicaid we impact people’s lives, and that makes it easy to find the heart. Helping staff connect their own motivation and find meaning in achieving an outcome is key to help ensure project success and realize desired outcomes. 

Program outcomes represents one of the six major categories related to organizational health: 

  1. Leadership
  2. Strategy
  3. Workforce
  4. Operations and process improvement 
  5. Person-centered service
  6. Program outcomes

Focusing on these six key areas during the analysis, planning, development, and integration will help organizations improve performance, increase their impact, and achieve program outcomes. Reach out to the BerryDunn’s Medicaid and Organization Development consulting team for more information about how organization develop can help your Medicaid agency.
 

Article
Outcomes and organization development, part II

Read this if you are a State Medicaid Director, State Medicaid Chief Information Officer, State Medicaid Project Manager, or State Procurement Officer—or if you work on a State Medicaid Enterprise System (MES) certification or modernization efforts. 

The companion podcast to this article, Organization development: Preparing for Medicaid Enterprise Systems (MES) modernization, can be found in our virtual library.  


What is organization development (OD)? 

The purpose of OD is to improve organizational performance and outcomes. OD focuses on improving an organization’s capability through the alignment of strategy, structure, people, rewards, systems, metrics, and management processes.  

OD is a science-backed, interdisciplinary field rooted in psychology, culture, innovation, social sciences, quality management, project management, adult learning, human resource management, change management, organization behavior, and research analysis and design, among others.  

OD typically starts with a clear sense of mission, vision, and values that answers the question “what we are trying to be?” OD develops the culture and behaviors that reflect the organizational values.  

OD facilitates the transformation of the workplace culture to become strategic, meaning: vision-driven, values-based, and goals-aligned. This may include talent development for leaders and staff and redesigning organizational infrastructure. 

What is the scope of an OD effort? 

OD efforts are most effective when they encompass the entire organization becoming the basis for a strategic plan. OD can be just as effective when applied to a MES modernization project. In this application of OD, we facilitate stakeholder engagement with the intent of person-centered service, concurrent design for operations, processes, and training side-by-side with the systems design and development. This approach is also referred to as human-centered design (HCD).  

Regardless of the scope, OD reinforces benchmarks of high-performance organizations including: 

  • Transparent and data-informed decision making 
  • Developed leadership building connections with consistent expectations 
  • Culture of continuous improvement and innovation 
  • Team-based success and ownership for outcomes 
  • Person-centered service 

What does OD look like in action? 

We facilitate leaders to assess their organization through the eyes of stakeholders, particularly staff and people served. Collaboratively, with no blame or shame, the leaders articulate where they are today and where they need to be in the future, and build a roadmap or strategic plan to get there. In the assessment and roadmap we use the following six focal points of the organization:  

  • Excellent leadership 
  • Effective strategy 
  • A workforce that is confident, competent, consistent, and compassionate 
  • Quality operations and process improvement 
  • Person-centered service that results in a positive client experience 
  • Quality program outcomes for the communities served 

The roadmap or strategic plan typically includes talent development, and redesign of the infrastructure, including structure, processes, communication mechanisms, performance management processes, deployment of resources, and job skills development approaches.  

Talent development ensures that your leaders are aligned, prepared, and most importantly leading and inspiring their people toward that vision and the development of the workforce. Talent development provides staff with the skills, knowledge, and abilities needed, and reinforces positive attitudes, beliefs, and willingness to work together towards common goals. This might also include restructuring business process redesign, it might include expanding roles or shifting roles.  

Principles of lean are an important component of organization development when redesigning processes and helps organizations, such as state Medicaid agencies, do more with the current resources. With so many constraints placed on organizations, the lean approach is a critical component of optimizing existing resources and finding cost savings through changing “what we do” and “how we do it”, as opposed to cutting “what we do” or “changing who does it”. Resource optimization is just one of the benefits of organization development. 

Why is it important to redesign your organization and develop your staff when you're implementing a new technology system, such as a new Medicaid Enterprise System module? 

For state Medicaid Agencies, the organization goal isn't to modernize a system, the goal is for competent and compassionate staff serving clients and providers to improve health and wellness in our communities. Our goal is streamlined processes that improve accuracy and timeliness. Look at the outcomes of the program, then design the systems that enable business processes and the people who make that process happen every single day. We go back to why we are doing anything in the first place. Why do we need this change? What are we trying to accomplish? If we're trying to accomplish better service, a healthier community, and streamline processes so we are cost effective, then it leads us to modernizing our enterprise system and making sure that our people are prepared to be successful in using that system. Aligning to the organizational goals, or what we call the North Star, sets us up for success with the enterprise efforts and the human efforts. 

What can clients do to navigate some of the uncertainties of a modernization effort, and how can they prepare their staff for what's next? 

First articulate the goals or why you want the modernization, and build a foundation with aligned, and effective leaders. Assess the needs of the organization from a “social” or people perspective and a technical or systems perspective (note: BerryDunn uses a socio-technical systems design approach). Then, engage staff to develop a high-performance, team-based culture to improve lean processes. Design and develop the system to enable lean business processes and concurrently have operations design standard operating procedures, and develop the training needed to optimize the new system.  

Leaders must lead. If leaders are fragmented, if they are not effective communicators, if they do not have a sense of trust and connection with their workforce, then any change will be sub-optimized and probably will be a frustrating experience for all.  

If the workforce is in a place where staff live with suspicion or a lack of trust, or maybe some dysfunctional interpersonal skills, then they are not in a place to learn a new system. If you try to build a system based on a fragmented organizational structure or inconsistent processes, you will not achieve the potential of the modernization efforts and will limit how people view your enterprise system. The worst thing you can do is invest millions of dollars in the system based on a flawed organizational design or trying to get that system to just do what we've always done. 

By starting with building the foundation of engaging employees, not just to make people feel good, but also to help them understand how to improve their processes and build a positive workplace. Do we have the transparency in our data so that we understand what the actual problems are? Can employees articulate the North Star goals, the constraints, the reasons to update systems, then the organizations will have a pull for change as opposed to a push.

Medicaid agencies and other organizations can create a pull for change by engaging with their resources who can identify what gets in the way of serving the clients, i.e., what gets in the way of timeliness or adds redundancy or rework to the process. The first step is building that foundation, getting people leaning in, and understanding what's happening. By laying the foundation first, organizations help reduce the barriers between operations and systems, and ensure that they're working collaboratively toward organizational goals, always keeping the ‘why’ in mind and using measures to know when they are successful. 

How does a state focus on organization development when they are facing budget and staffing constraints? 

It is too easy to say, "invest in your people". In reality, the first thing that state Medicaid agencies or other organizations need do is redefine their sense of lean. Many inaccurately believe that lean means limited resources working really hard. Lean is tapping into the potential creativity and innovation of each staff member to look for ways to improve the process. Organizations should look at everything they do and ask “Does this add value to the end recipient of our service?” Even if I'm processing travel reimbursement requests, I still have a customer, I still have a need for timeliness and accuracy. If state Medicaid agencies can mobilize that type of focus with every single employee in their organization, they can achieve huge cost savings without the pain of cutting the workforce.   

In one state where BerryDunn’s organization development team provided this level and type of organizational transformation, there was a very deliberate focus on building this foundation prior to a large-scale system modernization.

By developing the leaders and training the employees in how to improve their processes, improve teamwork and trust, and align to the goal of a positive client experience, they were able to effectively implement the new system and seamlessly move to remote pandemic conditions. Once the state Medicaid agency had aligned the technical systems and the people systems to the organizational goals, they were successful and more resilient for future changes.   

If you have any questions, please contact our Medicaid consulting team. We're here to help.

Article
Outcomes and organization development 

Read this if you are a division of motor vehicles, or interested in mDLs.

Successful acquisition and implementation of a mobile driver’s license (mDL) program requires knowledge of the specific functional needs mDLs must satisfy to help ensure mDL programs provide security and convenience to mDL holders. These functional needs span mDL-reading equipment, issuing authorities (e.g., departments of motor vehicles), law enforcement and other mDL-reading establishments, and mDLs themselves.  

Per the American Association of Motor Vehicle Administrators (AAMVA) Functional Needs White Paper, functional needs span eight broad categories: operations, trust, identity, cross-jurisdictional/vendor use, data privacy, remote management, ease of use, and other. The table below organizes these categories, briefly explains associated functional needs, and assigns a level of criticality to each functional need. Critical functionality must be accommodated by mDL programs in some manner. Desired functionality is optional, but heavily encouraged.

Table 1: Key Terms and Definitions
mDL Functional Needs Breakdown
Category Description Required/Desired
Operation – Online and Offline mDL holders must be able to validate their identity when either the mDL holder, the mDL reader, or both lack access to the internet.  At a minimum, offline use must allow citizens to confirm their identities, driving privileges, age, and residence. Critical
Operation – Attended mDL holders and mDL-reading establishments must be physically present when an mDL holder’s identity is established as credible, typically using the mDL portrait image. Critical
Operation – Unattended mDLs must function when the mDL-reading establishment is not present during a transaction with an mDL holder. Desired
Trust mDL holders must be able to establish that data comprising the mDL was issued by the relevant issuer and that information has not been changed, unless via an update through the relevant issuer. Critical
Trust mDL-reading establishments must employ readers they trust to obtain and validate information from mDLs. Critical
Identity – Portrait Image mDLs must have portrait image of the mDL holder. Critical
Identity – Portrait Image mDLs must have the ability to retrieve the portrait image from the issuing jurisdiction using a one-time token. Critical
Identity – Portrait Image mDL readers must read portrait images from mDLs, retrieve it from the issuing jurisdiction, and display the image. Critical
Identity – Portrait Image Law enforcement must have mobile mDL readers in order to review the mDL portrait image and mDL holder simultaneously. Desired
Identity – Biometric mDL-reading establishments must have trusted equipment to obtain the mDL holder’s biometric information. Desired
Identity – Biometric mDLs and readers must support a one-to-one  comparison of the mDL and holder biometric information, executed by the mDL-reading establishment or mDL issuer. Desired
Identity – PIN mDLs must support the use of a personal identification number (PIN) to authenticate the legitimacy of an mDL and its holder. Critical
Identity – PIN mDL holders must trust that mDL readers will not compromise their PIN when entering it.

mDL readers must trust that the PIN accurately validates mDL holder information when the authentication process occurs on the mDL holder’s device.
Critical
Cross-Jurisdictional & Vendor Use mDL readers must be able to read mDLs from multiple issuing jurisdictions and multiple vendors. Critical
Cross-Jurisdictional & Vendor Use mDLs require interfacing with the relevant issuer, with the ability to control how mDL data is uploaded to holder devices and updated. Critical
Cross-Jurisdictional & Vendor Use mDLs require in-real-time interfacing with the holder’s device and the reader. Critical
Data Privacy As with physical DLs, mDLs require a process for granting holder consent prior to information release. Critical
Data Privacy mDL holders must be able to release selective information (e.g., age, driving credentials) without releasing all personal information stored on the mDL (data minimization). Critical
Data Privacy Issuing authorities must be able to allow unrestricted access to an mDL, without the holder’s consent, in cases where the holder is unconscious, nonresponsive, etc., e.g., following a major car accident, law enforcement might need to verify whether an individual is an organ donor. Desired
Data Privacy mDLs must be linkable to the government-related transactions they are used for (e.g., interacting with the DMV, law enforcement), allowing local and state officials to review the history of transactions related to a specific mDL. Desired
Data Privacy mDLs must be unlinkable from the private-industry transactions they are used for, preventing mDL-reading establishments from tying mDL holders to specific transactions. Desired
Data Privacy The mDL should grant the mDL holder visibility into all personal data contained in the mDL. Critical
Remote mDL Management1 mDL issuing authorities must have the ability to perform the following actions to mDLs remotely:
  • Add, update, and revoke (temporarily and permanently) driving privileges.
  • Update the application storing the mDL.
  • Revoke the mDL entirely (in the case of suspected fraud)
Critical
Remote mDL Management mDL holders must have the ability to remotely update their mDL data, including revoking their mDL in the case of a lost or stolen mDL. Critical
Remote mDL Management mDLs with combined offline/online functionality must expire should the mDL holder not connect their mDL to issuer’s system within a defined period of time. Critical
Remote mDL Management mDLs must support the ability to be returned to the issuer prior to the issue of a new mDL to a holder.

mDLs must support the ability to be returned to the issuer, marked as void, and returned to the holder prior to the issue of a new mDL to the holder.
Optional
Remote mDL Management mDLs must allow law enforcement officers from a holder’s home jurisdiction to suspend a holder’s mDL under specified circumstances. Critical
Remote mDL Management mDLs must support the ability for issuing authorities to change mDLs to IDs (in the case of driving privilege revocation) and change IDs to mDLs (when driving privileges are gained). Desired
Remote mDL Management mDLs must support the ability to transfer devices, either online (desired) or by visiting issuing authorities in person (critical). Desired/Critical
Ease of Use mDLs must not require mDL-reading establishments to handle the mDL holder’s device during a transaction. Critical
Ease of Use mDLs must operate during different weather conditions (rain, snow, intense sunlight, etc.) Desired
Ease of Use mDLs must function at all times, regardless of the level of ambient light. Critical
Ease of Use mDLs must function in various environments (office, traffic stop, etc.) Critical
Ease of Use mDLs must minimize the amount and cost of additional equipment that law enforcement and other mDL-reading establishments require when processing mDL transactions. Desired
Other – Processing     Time mDL readers must be able to process an mDL transaction with comparable time to physical DL transactions. Critical
Other – Non-reliance on Device Security by Consumer mDL readers must be able to authenticate mDL data without relying on the security of an mDL holder’s device (e.g., biometric readers). Critical

1Remote mDL management assumes at least a partial level of online mDL functionality. mDLs cannot be remotely managed in offline scenarios.

If you have questions about mDLs or about your specific agency, please contact the team. We’re here to help.      

Article
Functional needs for a successful mobile Driver's License (mDL) program

Read this if you are a division of motor vehicles, or interested in mDLs.

You drive to the airport, and are pulled over by law enforcement. They check your driver’s license. You arrive at the airport, and rush through the TSA checkpoint. They check your driver’s license. You buy a drink in the airport bar to calm your nerves. They check your driver’s license. You board your plane, take off, land in your destination, and rent a car. They check your driver’s license. You drive to the hotel and check yourself in. They check your driver’s license. From run-ins with law enforcement, to traveling, to purchasing alcohol, driver’s licenses are necessary and versatile parts of every citizen’s identification arsenal—and soon, they will be mobile. But this new frontier of electronic identification—despite widespread applicability and increased holder convenience—brings challenges for mDL issuers and mDL-reading establishments.

The mDLs must function in a range of scenarios, each of which with distinct business processes, differing levels of holder data control, and various levels of online functionality. The widespread applicability of mDLs mean that state, county, and local issuing authorities need to simultaneously anticipate the range of mDL holder scenarios, identify the functionality required to meet these scenarios, and anticipate implementation challenges.     

Additionally, understanding mDL functionality requires understanding the specific terms used to describe that functionality, and these terms vary. From the participants in mDL transactions, to the kinds of transactions occurring, to the various screens and data validation methods, this terminology quickly becomes complicated. 

Table 1, Key Terms and Definitions below contains a list of mDL-related terms and definitions used within this blog, and accompanying future functional needs blogs.

Table 1: Key Terms and Definitions
Terms Definitions
mDL issuer The department of motor vehicles or bureau of motor vehicles responsible for administering rights to, and overseeing distribution of, mDL data to mDL holders.
mDL holder The person whose data is contained in, and represented by, the mDL.
mDL reader The hardware technology used to consume mDL data from an mDL holder's device.
mDL-reading establishment The institution consuming mDL data via an mDL reader, e.g., law enforcement, liquor store, Transportation Safety Administration.
Portrait image The image of the mDL holder used to verify the holder's ownership of the mDL by visual means.
Attended operation The mDL-reading establishment is physically present when the mDL holder is certified as the owner of the mDL data. E.g., checking in at a hotel, buying alcohol at a liquor store, verifying ID during a traffic stop scenario.
Unattended operation The mDL-reading establishment is not physically present when the mDL holder is certified as the owner of the mDL data. E.g., verifying age during an internet transaction.
Personal Identification Number (PIN) A number (usually 4 digits) created by an mDL holder and used to validate their identity during transactions.
Use Case A situation in which a holder will rely upon an mDL to convey their data to mDL-reading establishments, for a defined purpose.


Table 2, mDL Use Cases below lists situations in which mDL transactions are common, called use cases, and marks them as primary or future mDL use cases. Table 2 also categorizes whether the transactions occur with online/offline functionality (or both); and whether the transactions require both parties to be present during the transaction (attended), do not require both parties to be present during the transaction (unattended), or both. 

Note that mDL use cases are ever evolving, as is the functionality required to complete them. For the most up-to-date content, consider reviewing resources developed by the American Association of Motor Vehicle Administrators (AAMVA) or the International Organization for Standardization (ISO).

Table 2: Standard mDL Use Cases
Use Case Online/Offline Functionality Attended v. Unattended Operation
Primary Use Cases
mDL holder is involved in a traffic stop with law enforcement. Both Both
mDL holder goes through a Transportation Security Administration (TSA) checkpoint at an airport. Both Attended
mDL holder purchases alcohol in person. Both Attended
mDL holder rents a car. Both Both
mDL holder checks into a hotel. Both Both
mDL holder confirms identity with financial institutions. E.g., banks. Both Attended
mDL holder obtains social services. Both Both
mDL holder confirms identity when voting. Note: This use case might not be required in all jurisdictions. Both Attended
mDL holder confirms identity to gain access to federal facilities (if appropriate). Both Attended
Future Use Cases
mDL holder proves age for age-restricted purchases via the internet. Online Unattended
mDL holder signs a document electronically.  Online Unattended
mDL holder opens a bank account online.  Online Unattended


If you have questions about mDLs or about your specific agency, please contact the team. We’re here to help. 

Article
Mobile Driver's License (mDL) functional needs: Definitions and use cases