Dr Hugh Nelson wrote:
This is an important point.
HIC were obsessed with getting GP's to do something that would save the
HIC money - so much so that our clinic got set up with individual PKI
keys and usb dongles and the HIC staffperson didn't think it was
necessary to arrange for a Location Certificate.
Of course, a location certificate is the one to use if you are sending
clinical information securely.
He must have been green, they've always been needed. Now the individual
certificates aren't for MA Online.
If the HIC had worked from the start to enable better clinical
communications, then we would all be on board by now.
Hugh,
Except for the LDAP issues and revocation certificates, etc. that come
with X509.
It all works fine when many users are communicating with one provider,
eg. MA Online or your path/radiology provider with XXX doctors receiving
reports, so that one central body is either the sender or receiver.
However, that avoids most of the LDAP authentication issues. When you
get to many-to many transmissions with stuff going both ways a proper
LDAP system needs to come into play, and these don't really exist yet.
the hub-and spoke guys like Promedicus and Healthlink overcome this by
requiring their users to have only one certificate other than their own
- the provider's.
But they are proprietary, and HeSA/MA wouldn't touch that as they are
back to square-one with an IBA-like dependence on a carrier. You may
recall, possibly have even tried to read, the original HIC Online 130
page contract documents, that stated, among other things, that you were
bound to upload fresh revocation lists every week. No-one does that as
they don't need to, but with many-to-many you do need to for both
security and getting messages where you want.
It has been illuminating setting up HIC/MA Online, Promedicus and
Healthlink over the last year or so, with their various certificate
requirements. In October it was necessary for MA online users to update
Mr's own certificates. MA fudged it by allowing to continue use of
out-of-date certificates. There is lots of 'hidden' support overheads in
this stuff
Many-to-many is much harder than most think, I'd suggest.
Greg
--
Greg Twyford
Information Management & Technology Program Officer
Canterbury Division of General Practice
E-mail: [EMAIL PROTECTED]
Ph.: 02 9787 9033
Fax: 02 9787 9200
PRIVATE & CONFIDENTIAL
***********************************************************************
The information contained in this e-mail and their attached files,
including replies and forwarded copies, are confidential and intended
solely for the addressee(s) and may be legally privileged or prohibited
from disclosure and unauthorised use. If you are not the intended
recipient, any form of reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication or any action taken or
omitted to be taken in reliance upon this message or its attachments is
prohibited.
All liability for viruses is excluded to the fullest extent permitted by
law.
***********************************************************************
_______________________________________________
Gpcg_talk mailing list
[email protected]
http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
