Hello Greg,
I think actually, they are following best practice. Its pretty easy
for a Location certificate to "escape" into the wild and the easy
access to the private key is a big problem.
The use of a individual token to produce legal referrals is something
the security experts would approve of. I have a PKI key and it is a
pain when you forget it, but using it to sign referrals is not a major
issue. If they agreed to issue 2-3 tokens for everyone, if desired, it
would be better but the logic behind it is solid. Its the lack of
implementations that's the problem.
You can scan a handsigned referral and sign that with a location
certificate and store it in a database and throw away the paper. For
documents that have never existed as paper a smartcard solution is
appropriate and you would be hard pressed to find anyone in the
security community to support using location certificates.
Duncan needs to store a PKI signed version of the referral in his
database and then its fine. It needs to be signed with a smartcard, or
else receptionists could generate legal referrals at will.
Its not a huge risk with referrals, but extend it to scripts and the
potential for abuse is huge.
Tuesday, February 28, 2006, 11:56:39 AM, you wrote:
GT> Tim Churches wrote:
>> Duncan Guy wrote:
>>> I'm not so sure I want to be a test case but ... Given this is a unique
>>> situation and to access our EMR the specialist who is referring to me
>>> has to log onto the server via a terminal session with his/her unique
>>> username and password and then onto the EMR with his/her unique password
>>> and the EMR records every keystroke with time and date stamping I was
>>> hoping this might do. S'pose there isn't an answer to this one.
>>
>> The problem is that your EMR, timestamps included, can be altered post
>> hoc in a completely undetectable fashion. The only solution to this is
>> to create secure hashes ("digests") of the state of your EMR and have
>> that timestamped digest digitally signed by a trusted third party - by a
>> digital notary public. Provided that there is no collusion between you
>> and the notary public (and notaries public are chosen and honour-bound
>> to resist such collusion), then the use of such digital notarisation
>> provides very good evidence (very difficult to challenge in a court of
>> law) that your EHR actualy contained the information you asserted that
>> it did (eg evidence of a referral) on a particular date (as opposed to
>> having been "doctored" at a later date to make it appear that it
>> contained that information at some earlier date).
GT> Tim,
GT> A great alternative that will benefit doctors, Medicare Australia and
GT> the public. The only problem is that you've just told the Medicare
GT> Australia guys responsible for developing their PKI system that they are
GT> a bunch of idiots who have to abandon a big part of what they've created
GT> and go down a different road. Big loss of face, possibly even some
GT> awkward questions to answer re appropriateness of their use of public money.
GT> Greg
--
Best regards,
Andrew mailto:[EMAIL PROTECTED]
Andrew McIntyre
Buderim Gastroenterology Centre
www.buderimgastro.com.au
PH: 07 54455055 FAX: 54455047
_______________________________________________
Gpcg_talk mailing list
[email protected]
http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
