Hello Jan, Tuesday, February 28, 2006, 7:13:31 PM, you wrote:
>>You can scan a handsigned referral and sign that with a location >>certificate and store it in a database and throw away the paper. For >>documents that have never existed as paper a smartcard solution is >>appropriate and you would be hard pressed to find anyone in the >>security community to support using location certificates. JC> How do you sign the scanned doco with your HeSA Individual certificate? JC> I've looked in various scanning s/w and also some of the EHRs that scan and JC> can't see how. Does this not need to be programmed in by the vendors? Yes, that's what needs to happen. You generate a detached signature and store that. The what the Medical-Objects signature algorithm does, it creates a detached signature and then appends it the the end of the HL7 message as an extra OBX. That way it is welded to what it signed, and its harder to loose it. The plain text HL7 has the signature in it and you can read the message without any need for decryption. The signature can be evaluated whenever the document is viewed. The certificate is in the ASN1 (The PKI signature encoding)wrapper, which is a 2k overhead, but means you can always evaluate its validity, even if the token is lost. Using ASN1 tools you can strip the signature and save 2k per message, but with gigabyte hard drives the need is less. JC> I asked this of the, then, HIC Manager for PKI and Information Standards in JC> approximately 2002 and was told you have to then email the scanned doco to JC> yourself, thereby being able to sign it with your key. The problem with that is that you end up with and encrypted and signed message and if you loose you encryption key you cannot see what was signed. It also means you have to keep these encrypted blobs around forever. This is why we came up with the In message signature algorithm. The messages are still valid as per AHML, they just have an ED segment with the PKI detached signature in them. The message is not encrypted and can be stored as is. As we store everything in HL7 format there is no duplication of storage, but in other systems its better to store something that's basically plain text and valid HL7. The standard also requires that what's stored is non encypted. >>Duncan needs to store a PKI signed version of the referral in his >>database and then its fine. It needs to be signed with a smartcard, or >>else receptionists could generate legal referrals at will. JC> If the EHR allowed you to sign a letter you produced (without having to JC> email it) and sign incoming scanned docos, this would be quite beneficial in JC> Duncan's circumstances (as I think I already pointed out in a previous JC> post). This is why the Medical-Objects referral client insists on a PKI smartcard. That way it always produces a legal referral, there is no risk to specialists if they do not get the paper, in fact they don't need the paper. From Specialist to GP is not an issue, we can use PGP, GNUPG or PKI there. For medico-legal purposes signing all incoming documents with a location key would make them fairly secure against tampering and provide absolute integrity checking, this is something we can do. If you do that with scanned documents and follow the other storage requirements then its a legally valid document as per the HIC guidelines. JC> Jan JC> -- JC> No virus found in this outgoing message. JC> Checked by AVG Free Edition. JC> Version: 7.1.375 / Virus Database: 268.1.0/269 - Release Date: 24/02/2006 JC> _______________________________________________ JC> Gpcg_talk mailing list JC> [email protected] JC> http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk -- Best regards, Andrew mailto:[EMAIL PROTECTED] Andrew McIntyre Buderim Gastroenterology Centre www.buderimgastro.com.au PH: 07 54455055 FAX: 54455047 _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
