Oliver Frank wrote: > Tony Lembke wrote: >> Does anyone know if the federal legislation has been changed such >> that digitally signed and delivered referral letters are adequate to >> satisfy Medicare requirements? > >> If so, do we know the signing requirements? > > I don't know abut the legislation, but I understand that if you use an > individual digital certificate to sign a referral that you are sending > electronically, this satisfies the Medicare requirements. It has to be > an individual digital certificate - a location certificate does not > satisfy the requirements, because it does not identify a person. > > I believe that thousands of referrals have been and are being sent > electronically without any digital signature, and have been and are > being accepted by medical specialists for Medicare benefits purposes. >
Standards Australia has a digital signature project underway, that I have contributed to. Medical-Objects have been using a digital signature format (that is open and published) for about 3 years and 10's of thousands of referrals have been sent using this. It is also a very good integrity test for the message. Standard Encryption/signature is not enough and the digitally signed data must not be encrypted. The format that has been developed embeds the signature within the HL7 message and this satisfies all the Medicare requirements. An individual key is required. Given that the same mechanism is applicable to scripts then using a site certificate is inappropriate as its on disc and loaded by staff members for eg HIC Online so is easily stolen. Andrew McIntyre _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
