Hello Ross, I am all for debate, but after raising this issue for over 2 years and
1. Presenting on it at HL7 Australia 2 years ago 2. Discussing it in IT-14-6-5 (Pathology Messaging) 4. Asking IT-14-6-4 (Security) to look at it 5. Placing all the material on our website for > 12 months 6. Sending all the info to Chris Lynton-Moll who is looking at this issue for standards Australia and has been in recent contact with Medicare Australia. 7. Discussing it in IT-14-6 in the last 2 months 8. You having access to it at HIC 2005 and Sending the info direct to you I would think we have attempted to try and sort this out in an open way. The scheme we use is AHML compliant and has had a lot of thought put into it and has been in real use for 2 years. If you have and alternative scheme or any issues with the scheme then the issue is under active debate currently and AHML and Medical-Objects would be delighted to hear from you. Its more a matter of joining the debate than starting it. The signature is lost if the data is turned into rtf!... but as its encapsulated in a AHML compliant, unencrypted HL7 message and meets all the HIC requirements, the signature is not lost when it goes into a HL7 EHR or stored as a file on disk. Any data could be signed by transmitting it in a HL7 ED (Encapsulated data) segment and signing this. It is applicable or HL7 Orders and REF messages as well. The signature has been proven to remain intact when the message is transformed into HL7 XML format and back again. Its not really been a quick hack, but a scheme that has been carefully thought out and refined, subject to review by interested parties and proven over several years. It is open and specs are freely available. We have played with PGP and GNUPG versions, but only HESA individual certificated make it a legal referral. It really has nothing to do with transport, the signed messages are still encrypted and signed for transport. Perhaps you could make the scheme you are planning to test public to further the debate? Wednesday, December 6, 2006, 9:39:43 PM, you wrote: RD> Elizabeth Dodd wrote: >> On Wednesday 06 December 2006 19:13, Ross Davey wrote: >> >>> NeHTA better get on with it and start to focus on 'content/payload' >>> issues otherwise we will just have to get together and decide on this >>> ourselves. >>> >>> cheers >>> Ross Davey >>> >> RD> If the participants would like, I would be pleased to start the ball RD> rolling by preparing a short discussion paper on the different options RD> for implementing digital signing. This would cover issues of whether RD> the entire HL7 message is signed, whether the atomised data is signed, RD> whether the individual OBX segments are signed, whether the facsimile of RD> the document is separately signed, whether the signing should be RD> agnostic to wvwn whether the payload is HL7 or other messaging formats RD> etc etc. RD> This should encourage some lively debate and hopefully give us some rich RD> food for thought.. RD> regards RD> Ross Davey RD> _______________________________________________ RD> Gpcg_talk mailing list RD> [email protected] RD> http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk RD> __________ NOD32 1909 (20061207) Information __________ RD> This message was checked by NOD32 antivirus system. RD> http://www.eset.com -- Best regards, Andrew mailto:[EMAIL PROTECTED] Andrew McIntyre Buderim Gastroenterology Centre www.buderimgastro.com.au PH: 07 54455055 FAX: 54455047 _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
