1 / 17

Document Digital Signature (DSG)

Document Digital Signature (DSG). Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical Comittee. W W W . I H E . N E T. Providers and Vendors Working Together to Deliver Interoperable Health Information Systems In the Enterprise

abie
Télécharger la présentation

Document Digital Signature (DSG)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical Comittee

  2. W W W . I H E . N E T Providers and Vendors Working Together to Deliver Interoperable Health Information Systems In the Enterprise and Across Care Settings Interoperability Strategy Workshop

  3. IT Infrastructure Profiles 2004 Patient Identifier Cross-referencing for MPI (PIX) Retrieve Information for Display (RID) Consistent Time (CT) Patient Synchronized Applications (PSA) Enterprise User Authentication (EUA) 2005 Patient Demographic Query (PDQ) Cross Enterprise Document Sharing (XDS) Audit Trail and Note Authentication (ATNA) Personnel White Pages (PWP) 2006 Cross-Enterprise User Authentication (XUA) Document Digital Signature (DSG) – Notification of Document Availability (NAV) Patient Administration/Management (PAM) • Document Digital Signature (DSG) • Use of digital signatures to provide document integrity, non-repudiation and accountability. Interoperability Strategy Workshop

  4. Document Digital SignatureValue Proposition • Leverages XDS Document infrastructure • Providing accountability • Providing document integrity • Providing non-repudiation • Providing satisfactory evidence of: Authorship, Approval, Review, and Authentication • Infrastructural pattern to be further profiled by domain specific groups (e-Prescribing, e-Referral) Interoperability Strategy Workshop

  5. Document Digital SignatureAbstract/scope • Provide signature mechanism • Provide verification/validation mechanism • Provide signature attributes • XDS manages document and signature • Allows direct access to document (XDS) Interoperability Strategy Workshop

  6. Document Digital SignatureAbstract/scope • Digital Signature Document format • Leverages XDS for signature by reference • New document type in XDS – Linkage forward and back. • Profiles single / multiple signatures • Profiles nested signatures • Provide signature integrity across intermediary processing Interoperability Strategy Workshop

  7. Document Digital SignaturesGoals Digital Signatures help mitigate risk for the following attacks: • In the storage or transmission of documents, characteristics of clinician orders reflected in the prescription could be modified. • In the storage or transmission of documents, characteristics of countersigned clinician orders reflected in the prescription could be modified. • A forged prescription could be introduced. Interoperability Strategy Workshop

  8. Document Digital SignatureKey Technical Properties • W3C XML Signature structure • credentials, timestamp, and other signature attributes such as signature purpose • Reference to document stored in XDS • ISO TS17090 compliant digital certificates • Assures message integrity • Verification of signed document validity • Provides for multiple signers Interoperability Strategy Workshop

  9. Document Digital SignatureSignature Attributes • Expand signature to include additional data relevant to the healthcare signature • Includes the date and time the signature was calculated and applied • The identity of the signer • Signature Purpose Interoperability Strategy Workshop

  10. Document Digital SignatureUse Cases • Attesting a document as true copy • Each subsequent use of the original signed digital document or a digital copy of the document can inspected signatures to assert that the documents are true copies of information attestable to the signer at the time of the signature ceremony • Attesting content • When a clinician submits a clinical document to the XDS repository, the clinician using a digital certificate digitally signs the document • Attesting to whole submission set • Translation / Transformation Interoperability Strategy Workshop

  11. Cross-Enterprise Document Sharing (XDS) Use Case (1) • The XDS profile describes how different health care parties can share documents • A “document source” is responsible to “provide and register” document in a “registry/repository” for a “query” and “retrieve” by a “document consumer” • Document Digital Signature enables to manage the “responsibility” issues Interoperability Strategy Workshop

  12. Cross-Enterprise Document Sharing (XDS) Use Case (2) • The “document source” wants to prove it has well “authored” the document and the associated “submission set metadata” • The “registry/repository” it has not corrupted the documents and metadata • The “document consumer” wants to check above items and check the “identity” of author(s) and authenticator(s) Interoperability Strategy Workshop

  13. Cross-Enterprise Document Sharing (XDS) Use Case (3) • The “document source” includes the document(s) signature(s) into the “submission set” • The “registry/repository” stores the document signature(s) as a “document” and metadata associated with it/them as a specific “signature object” metadata • The “document consumer” can see the “signature metadata” and retrieve each signature for checking it, including the certificate(s) Interoperability Strategy Workshop

  14. Document Digital SignatureSignature Purpose From ASTM E1762 * • “Author” - Author’s signature, • “Author.Co” - Coauthor’s signature • “Participant” - Co-participant’s signature • “Transcriptionist/Recorder” • “Verification” - Verification signature • “Validation” - Validation signature • “Consent” - Consent signature • “Witness” - Witness signature • “Witness.Event” - Event witness signature • “Witness.Identity” - Identity witness signature such as a Notary • “Witness.Consent” - Consent witness signature • “Interpreter” • “Review” - Review signature • “Source” - Source signature • “Addendum” - Addendum signature • Administrative • Timestamp Interoperability Strategy Workshop

  15. Document Digital SignatureAdditions to ASTM1762 The following items will be added to ASTM1762 • Modification • Authorization • Transformation • Recipient Modification is being worked on. Interoperability Strategy Workshop

  16. Document Digital SignatureStandards Used W3C XML Signature ISO 17090, 21091 ASTM E2212, E1985, E1762, E1084 IETF x509 DICOM supplement 41, 86 NCPDP HL7 CDA Interoperability Strategy Workshop

  17. More information…. • IHE Web sites: www.ihe.net • Technical Frameworks, Supplements • Fill in relevant supplements and frameworks • Non-Technical Brochures : • Calls for Participation • IHE Fact Sheet and FAQ • IHE Integration Profiles: Guidelines for Buyers • IHE Connect-a-thon Results • Vendor Products Integration Statements Interoperability Strategy Workshop

More Related