[jonathonlui]

In the USA, some states (including California) and private health care providers are using something called Smart Health Card [0] which is a signed JWT using public/private keys.

It's up to each verifier (e.g. phone app developers) to decide which issuers to trust but there's a list: https://www.commontrustnetwork.org/verifier-list.

[0] https://smarthealth.cards/

[morvita]

In Canada, British Columbia is using the SMART Health Card as well. Don't know if any of the other provinces are.

[gnabgib]

BC are QC are.. but they're terrible PII privacy leaks (unprotected legal name/DOB/vaccination record). It violates the health canada privacy act[0]:

> "The Act protects an individual's privacy by setting out provisions related to the collection, retention, accuracy, disposal, use and disclosure of personal information."

and the privacy act [1]

> "(a) information relating to the race, national or ethnic origin, colour, religion, age or marital status of the individual,

> (b) information relating to the education or the medical, criminal or employment history of the individual or information relating to financial transactions in which the individual has been involved,"

Hopefully they adjust accordingly.

[0]: https://www.canada.ca/en/health-canada/corporate/about-healt...

[1]: https://laws-lois.justice.gc.ca/eng/acts/P-21/FullText.html