Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical.

Slides:



Advertisements
Similar presentations
Displayable Reports Profile (DRPT) Marco Eichelberg OFFIS Technical Manager, IHE Europe Cardiology Slides by Harry Solomon, Co-chair, IHE Cardiology Technical.
Advertisements

IT Infrastructure Glen Marshall Siemens Health Solutions IHE IT Infrastructure Committee Co-chair.
Integrating the Healthcare Enterprise
September, 2005What IHE Delivers 1 Key Image Notes Evidence Documents Simple Image & Numeric Report Access to Radiology Information IHE Vendors Workshop.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing for MPI (PIX) Profile Mike Henderson.
March 17, 2005IHE and medical Standards in Denmark 1 Integrating the Healthcare Enterprise IHE for cross-enterprise interoperability Charles Parisot, GE.
June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)
IHE IT Infrastructure Domain Update
Audit Trail and Node Authentication Audit Trail and Node Authentication Robert Horn Agfa Healthcare.
IHE Workshop – June 2006What IHE Delivers 1 Cynthia A. Levy Cedara Software IHE Technical Committee Import Reconciliation Workflow Profile.
Retrieve ECG for Display Profile Retrieve ECG for Display Profile John Donnelly IHE-Cardiology Planning Committee.
IHE IT Infrastructure Outreach to Patient Care Coordination Domain Michael Nusbaum IT Infrastructure Planning Committee December 13 th, 2010.
The Connectathon Process, Test Plan and Responsibilities of Participants Steve Moore Mallinckrodt Institute of Radiology Technical Project Manager: ITI,
Leveraging IHE to build RHIO Interoperability Charles Parisot GE Healthcare IHE IT Infrastructure Technical Committee co-chair.
September, 2005What IHE Delivers 1 Basic Patient Privacy Consents (BPPC) IHE Vendors Workshop 2006 IHE Patient Care Coordination Education
September, 2005What IHE Delivers 1 XDS Document Source and Consumer Implementation Strategies IHE Vendors Workshop 2006 IHE IT Infrastructure Education.
PRESENTATION TITLE Name of Presenter Company Affiliation IHE Affiliation.
Copyright 2008 Keystone Health Information Exchange TM IHE Connectathon January 29,2008 Jim Younkin KeyHIE Project Director.
June 28-29, 2005IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Cross-enterprise Document Sharing for Imaging (XDS-I) Rita Noumeir.
Audit Trail and Node Authentication / Consistent Time
Sept 13-15, 2004IHE Interoperability Worshop 1 Integrating the Healthcare Enterprise XDS Cross -enterprise D ocument S haring Overview and Concepts Charles.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT, EUA, PWP, DSIG IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert Horn,
Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.
NHIN Specifications Richard Kernan, NHIN Specification Lead (Contractor), Office of the National Coordinator for Health IT Karen Witting, Contractor to.
Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.
Integrating the Healthcare Enterprise IHE Technical Committee Status IHE ITI Plan Committee - February 2004.
Cross Domain Patient Identity Management Eric Heflin Dir of Standards and Interoperability/Medicity.
What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin – Medicity/THSA.
Cross-Enterprise Document Sharing Cross-Enterprise Document Sharing Bill Majurski National Institute of Standards and Technology IT Infrastructure Co-Chair.
Integrating the Healthcare Enterprise
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Audit Trail and Node Authentication Robert Horn Agfa Healthcare.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Vendors Webinar 2006 IHE IT Infrastructure Education Robert Horn, Agfa Healthcare.
What IHE Delivers Security and Privacy Overview & BPPC September 23, Chris Lindop – IHE Australia July 2011.
Integrating the Healthcare Enterprise Enterprise User Authentication and Consistent Time Glen Marshall Co-Chair, IHE IT Infrastructure Planning Committee.
Cross-Enterprise User Assertion IHE Educational Workshop 2007 Cross-Enterprise User Assertion IHE Educational Workshop 2007 John F. Moehrke GE Healthcare.
September, 2005What IHE Delivers 1 Key Image Notes Evidence Documents Simple Image & Numeric Report Access to Radiology Information IHE Vendors Workshop.
CS 493 Project Definition The project assignment is a simplified version of the Integrating Healthcare Enterprise (IHE) Cross-Enterprise Document Sharing.
September, 2005What IHE Delivers 1 Radiology Option for Audit Trail and Node Authentication IHE Vendors Workshop 2006 IHE IT Infrastructure Education Robert.
September, 2005What IHE Delivers 1 An Overview of the IHE IT Infrastructure IHE Vendors Workshop 2006 IHE IT Infrastructure Education Glen F. Marshall.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.
Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical.
Review and update of IHE The Future & XDS–I. Overview - IHE Updates IHE Organisational Changes The Infrastructure Domain Radiology Update XDS-I.
February 8, 2005IHE Europe Educational Event 1 Integrating the Healthcare Enterprise Basic Security Robert Horn Agfa Healthcare.
September, 2005What IHE Delivers 1 ITI Security Profiles – ATNA, CT IHE Education Workshop 2007 IHE IT Infrastructure Education John Moehrke GE Healthcare.
IHE IT Infrastructure Domain Update Karen Witting – IBM IT Infrastructure Planning Committee co- chair.
1 Healthcare Information Technology Standards Panel Care Delivery - IS01 Electronic Health Record (EHR) Laboratory Results Reporting July 6, 2007.
IT Infrastructure for the Enteprise Mike Henderson Principal Consultant, Eastern Informatics Past co-Chair, IT Infrastructure Technical Committee Charles.
Cross-Enterprise User Authentication John F. Moehrke GE Healthcare IT Infrastructure Technical Committee.
Identity Proofing, Signatures, & Encryption in Direct esMD Author of Record Workgroup John Hall Coordinator, Direct Project June 13, 2012.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing Charles PARISOT GE Healthcare.
September, 2005What IHE Delivers 1 Presenters Scanned Documents.
IHE IT Infrastructure Domain Update Karen Witting – IBM IT Infrastructure Technical Committee co-chair.
Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Cross Enterprise Document Sharing Details Keith W. Boone – Dictaphone.
Cross-Enterprise User Authentication Year 2 March 16, 2006 Cross-Enterprise User Authentication Year 2 March 16, 2006 John F. Moehrke GE Healthcare IT.
Cross-Enterprise Document Sharing (XDS) Bill Majurski IT Infrastructure National Institute of Standards and Technology.
June 28-29, 2005IHE Interoperability Workshop Keith W. Boone Dictaphone Corporation IHE ITI Technical Comittee Notification of Document Availability (NAV)
Integrating the Healthcare Enterprise Retrieve Information for Display (RID) Integration Profile Ellie Avraham Kodak Health Imaging IHE IT Infrastructure.
June-September 2009www.ihe.net North American 2010 Connectathon & Interoperability Showcase Series Paul Seifert/ Kinson Ho Solution Architects Agfa HealthCare.
What IHE Delivers Healthcare Provider Directories IHE IT Infrastructure Planning Committee Eric Heflin - Medicity.
IHE IT Infrastructure Integration Profiles: Adaptation to Cardiology Harry Solomon.
Patient Demographics Query (PDQ) Didi Davis Director, Eclipsys Corporation Co-Chair, IT Infrastructure Planning Committee.
Eclipse Foundation, Inc. Eclipse Open Healthcare Framework v1.0 Interoperability Terminology HL7 v2 / v3 DICOM Archetypes Health Records Capture Storage.
Access to Radiology Information Paul Seifert Agfa HealthCare Co-chair, IHE Radiology Technical Committee.
IT Infrastructure Plans
Patient Identifier Cross-Referencing for MPI (PIX)
Radiology Option for Audit Trail and Node Authentication Robert Horn
IHE Workshop: Displayable Reports (DRPT)
Integrating the Healthcare Enterprise
IHE: Integrating the Healthcare Enterprise
Presentation transcript:

Document Digital Signature (DSG) Document Digital Signature (DSG) Gila Pyke / Lori Reed-Fourquet Smart Systems for Health Agency / Identrus IHE ITI Technical Comittee

June 28-29, 2005Interoperability Strategy Workshop2 W W W. I H E. N E T Providers and Vendors Working Together to Deliver Interoperable Health Information Systems In the Enterprise and Across Care Settings

June 28-29, 2005Interoperability Strategy Workshop3 IT Infrastructure Profiles 2004 Patient Identifier Cross-referencing for MPI (PIX) Retrieve Information for Display (RID) Consistent Time (CT) Patient Synchronized Applications (PSA) Enterprise User Authentication (EUA) 2005 Patient Demographic Query (PDQ) Cross Enterprise Document Sharing (XDS) Audit Trail and Note Authentication (ATNA) Personnel White Pages (PWP) 2006 Cross-Enterprise User Authentication (XUA) Document Digital Signature (DSG) – Notification of Document Availability (NAV) Patient Administration/Management (PAM) Document Digital Signature (DSG) Use of digital signatures to provide document integrity, non-repudiation and accountability.

June 28-29, 2005Interoperability Strategy Workshop4 Document Digital Signature Value Proposition Leverages XDS Document infrastructure Providing accountability Providing document integrity Providing non-repudiation Providing satisfactory evidence of: Authorship, Approval, Review, and Authentication Infrastructural pattern to be further profiled by domain specific groups (e-Prescribing, e-Referral)

June 28-29, 2005Interoperability Strategy Workshop5 Document Digital Signature Abstract/scope Provide signature mechanism Provide verification/validation mechanism Provide signature attributes XDS manages document and signature Allows direct access to document (XDS)

June 28-29, 2005Interoperability Strategy Workshop6 Document Digital Signature Abstract/scope Digital Signature Document format Leverages XDS for signature by reference New document type in XDS – Linkage forward and back. Profiles single / multiple signatures Profiles nested signatures Provide signature integrity across intermediary processing

June 28-29, 2005Interoperability Strategy Workshop7 Document Digital Signature Out of scope Certificate management and PKI concepts Standards and implementations are available and will be discussed later Focus begins with signing, not encryption Partial Document Signature

June 28-29, 2005Interoperability Strategy Workshop8 Document Digital Signatures Goals Digital Signatures help mitigate risk for the following attacks: –In the storage or transmission of documents, characteristics of clinician orders reflected in the prescription could be modified. –In the storage or transmission of documents, characteristics of countersigned clinician orders reflected in the prescription could be modified. –A forged prescription could be introduced.

June 28-29, 2005Interoperability Strategy Workshop9 Document Digital Signatures The following scenarios will not be mitigated by using digital signatures and require additional security: –Corruption or bribery of a user, or counter-signer –Theft of a private key –Compromise of the physicians workstation to allow access to the signing key –The confirmation process could be corrupted or modified. –The dispensing system could be corrupted or modified, including simple attacks like burglary. –The dispensing feedback could be corrupted, modified, or destroyed.

June 28-29, 2005Interoperability Strategy Workshop10 Document Digital Signature Key Technical Properties W3C XML Signature structure –credentials, timestamp, and other signature attributes such as signature purpose Reference to document stored in XDS ISO TS17090 compliant digital certificates Assures message integrity Verification of signed document validity Provides for multiple signers

June 28-29, 2005Interoperability Strategy Workshop11 Document Digital Signature Signature Attributes Expand signature to include additional data relevant to the healthcare signature Includes the date and time the signature was calculated and applied The identity of the signer Signature Purpose

June 28-29, 2005Interoperability Strategy Workshop12 Document Digital Signature Signature Attributes The role of a signer (purpose of the signature) includes actors that may carry the responsibilities of: –Signer: the actor that creates the electronic signature. When the signer digitally signs over data object(s) using the prescribed format, this represents a commitment on behalf of the signing entity to the data object(s) being signed. –Verifier: the entity that verifies the electronic signature. It may be a single entity or multiple entities –Trusted Service Providers: one or more entities that help to build trust relationships between the signer and verifier. Trusted Service Providers include PKI Certification Authorities, Registration Authorities, Repository Authorities (e.g. a directory), Time-Stamping Authorities, Signature Policy Issuers and Attribute Authorities. –Arbitrator: An entity that arbitrates in disputes between a signer and a verifier.

June 28-29, 2005Interoperability Strategy Workshop13 Document Digital Signature Transaction Diagram

June 28-29, 2005Interoperability Strategy Workshop14 Document Digital Signature Transaction Diagram

June 28-29, 2005Interoperability Strategy Workshop15 Document Digital Signature Use Cases Attesting a document as true copy –Each subsequent use of the original signed digital document or a digital copy of the document can inspected signatures to assert that the documents are true copies of information attestable to the signer at the time of the signature ceremony Attesting content –When a clinician submits a clinical document to the XDS repository, the clinician using a digital certificate digitally signs the document Attesting to whole submission set Translation / Transformation

June 28-29, 2005Interoperability Strategy Workshop16 Cross-Enterprise Document Sharing (XDS) Use Case (1) The XDS profile describes how different health care parties can share documents A document source is responsible to provide and register document in a registry/repository for a query and retrieve by a document consumer Document Digital Signature enables to manage the responsibility issues

June 28-29, 2005Interoperability Strategy Workshop17 Cross-Enterprise Document Sharing (XDS) Use Case (2) The document source wants to prove it has well authored the document and the associated submission set metadata The registry/repository it has not corrupted the documents and metadata The document consumer wants to check above items and check the identity of author(s) and authenticator(s)

June 28-29, 2005Interoperability Strategy Workshop18 Cross-Enterprise Document Sharing (XDS) Use Case (3) The document source includes the document(s) signature(s) into the submission set The registry/repository stores the document signature(s) as a document and metadata associated with it/them as a specific signature object metadata The document consumer can see the signature metadata and retrieve each signature for checking it, including the certificate(s)

June 28-29, 2005Interoperability Strategy Workshop19 Document Digital Signature Signature Purpose From ASTM E1762 * Author - Authors signature, Author.Co - Coauthors signature Participant - Co-participants signature Transcriptionist/Recorder Verification - Verification signature Validation - Validation signature Consent - Consent signature Witness - Witness signature Witness.Event - Event witness signature Witness.Identity - Identity witness signature such as a Notary Witness.Consent - Consent witness signature Interpreter Review - Review signature Source - Source signature Addendum - Addendum signature Administrative Timestamp

June 28-29, 2005Interoperability Strategy Workshop20 Document Digital Signature Additions to ASTM1762 The following items will be added to ASTM1762 –Modification –Authorization –Transformation –Recipient Modification is being worked on.

June 28-29, 2005Interoperability Strategy Workshop21 Document Digital Signature Standards Used W3C XML Signature ISO 17090, ASTM E2212, E1985, E1762, E1084 IETF x509 DICOM supplement 41, 86 NCPDP HL7 CDA

June 28-29, 2005Interoperability Strategy Workshop22 Document Digital Signature E-prescribing threats

June 28-29, 2005Interoperability Strategy Workshop23 More information…. IHE Web sites: Technical Frameworks, Supplements –Fill in relevant supplements and frameworks Non-Technical Brochures : Calls for Participation IHE Fact Sheet and FAQ IHE Integration Profiles: Guidelines for Buyers IHE Connect-a-thon Results Vendor Products Integration Statements

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.