ProvenPROVEN.DEV
HealthID Protocol — Early Access

Your health address
for discoveries.

HealthID lets systems route results to the right owner without exposing PHI or identity. Research engines emit discoveries. You control where they land.

Consumers: My health feed follows me
Clinics: Match events route to the right record
Pharma: Recruit cohorts without touching identities
The Problem

Research engines shouldn't store identity.

Every time a research engine needs patient data, it creates a privacy liability. Clinical trial matching, biomarker discovery, cohort analysis — they all require access to sensitive information that should never leave your vault.

Yet results must reach the right patient or clinic. Identity and discovery are coupled — until now.

The Solution

HealthID decouples routing from identity.

HealthID gives every participant a stable, opaque handle. Research engines see handles, not people. Discoveries route through Proven's mailbox. Your system resolves locally. PHI never leaves your vault.

FoxScience sees only opaque handles. Proven routes. Your system maps locally.

How It Works

Five steps. Zero identity exposure.

Mint → Push → Discover → Emit → Resolve locally

01

Mint

Issuer or consumer signs in

Domain, wallet, or passkey authentication. VeriPHI mints HealthID handles and a certificate.

02

Push

Science-safe features only

Issuer pushes de-identified biomarkers and features to FoxScience. No PHI. No identity. Just science.

03

Discover

AI finds patterns

FoxScience runs analysis on opaque handles — correlations, biomarker patterns, cohort matches. It never sees who.

04

Emit

Discoveries route through Proven

FoxScience emits discoveries to Proven's mailbox. Results are addressed to handles, not identities.

05

Resolve

Your system maps locally

Issuer pulls events from their mailbox and resolves handles to patients in their own system. Identity stays in your vault.

Data Boundaries

What lives where.

Clear boundaries. No ambiguity. PHI never leaves your vault.

Data Type
FoxScience
Proven
Your System
Patient identity (name, DOB, SSN)
Opaque handles (issuer_handle, subject_handle)
De-identified biomarkers & features
Discovery results & match events
Handle-to-patient mapping
Cryptographic receipts & audit trail
Consent records
Raw medical records (EHR, labs)

= never stored    = stored

Use Cases

Built for real workflows.

Clinical Trial Recruitment

Match eligible patients to trials without exposing their identity to sponsors. Handles route invitations; patients consent locally.

Consumer Discovery Feed

RSS for your biology. New biomarker correlations, drug interactions, and health insights delivered to your HealthID mailbox.

Cross-System Patient Matching

Match patient events across hospitals, labs, and clinics using stable handles — no identity exchange required.

Facility Outcomes Loop

De-identified aggregates flow back to FoxScience for continuous learning. Facilities get benchmarks. Patients stay anonymous.

Multi-Tenant Research

Pharma runs studies across multiple sites without seeing identities. Each site resolves handles locally. Central analysis sees only science.

Insurance Verification

Verify coverage and eligibility through handle-based queries. No SSN, no DOB, no name in the verification pipeline.

For Developers

Two flows. No “query patient” endpoint.

Push science-safe features in. Pull discoveries out. That's it.

POST /api/health-id/ingest
POST /api/health-id/ingest
Content-Type: application/json
Authorization: Bearer <api_key>

{
  "issuer_handle": "clinic_7f3a",
  "subject_handle": "hid_9x2k_anon",
  "features": {
    "biomarkers": ["CRP", "IL-6", "TNF-alpha"],
    "panel_type": "inflammation_v2",
    "timestamp_utc": 1709251200
  },
  "ciphertext_blob": null,
  "receipt_hash": "sha256:a4f8c2..."
}
Powered by VeriPHI

The engine under the hood.

VeriPHI is the cryptographic protocol that makes HealthID possible. Handles, certificates, mailbox routing, and receipts — no keys in FoxScience.

Opaque Handles

Stable identifiers that persist across databases and time. No PHI embedded. No reversibility.

Certificates

Each HealthID comes with a VeriPHI certificate — cryptographic proof of minting, consent, and issuer authority.

Mailbox Routing

Discoveries addressed to handles land in the issuer's mailbox. No identity traversal. No leakage.

Receipts

Every claim, match, and delivery has provenance. Signatures, timestamps, and audit history — all verifiable on Proven.

Trust Infrastructure

Designed to keep PHI out of the research engine.

PHI stays in your vault. HealthID routes results without exposing identities. Receipts provide auditability.

Cryptographic Receipts

Every operation — minting, ingestion, discovery delivery — produces a signed receipt verifiable on Proven.dev.

Audit Logs

Complete history of handle creation, consent changes, data pushes, and discovery deliveries. Immutable and queryable.

Drift Monitors

Continuous monitoring detects anomalies in data patterns, access frequency, and handle usage. Alerts fire before problems compound.

Corridor System

Data flows through defined corridors with receipted checkpoints. Every transition is logged, signed, and auditable.

Ready to integrate HealthID?

Start routing discoveries without exposing identity. Early access is open for clinics, research platforms, and health tech companies.