Standard Guide for Electronic Authentication of Health Care Information

SIGNIFICANCE AND USE
This guide serves three purposes:
To serve as a guide for developers of computer software providing, or interacting with, electronic signature processes,
To serve as a guide to healthcare providers who are implementing electronic signature mechanisms, and
To be a consensus standard on the design, implementation, and use of electronic signatures.
SCOPE
1.1 This guide covers:
1.1.1 Defining a document structure for use by electronic signature mechanisms (Section 4),
1.1.2 Describing the characteristics of an electronic signature process (Section 5),
1.1.3 Defining minimum requirements for different electronic signature mechanisms (Section 5),
1.1.4 Defining signature attributes for use with electronic signature mechanisms (Section 6),
1.1.5 Describing acceptable electronic signature mechanisms and technologies (Section 7),
1.1.6 Defining minimum requirements for user identification, access control, and other security requirements for electronic signatures (Section 9), and
1.1.7 Outlining technical details for all electronic signature mechanisms in sufficient detail to allow interoperability between systems supporting the same signature mechanism (Section 8 and Appendix X1-Appendix X4).
1.2 This guide is intended to be complementary to standards under development in other organizations. The determination of which documents require signatures is out of scope, since it is a matter addressed by law, regulation, accreditation standards, and an organization's policy.
1.3 Organizations shall develop policies and procedures that define the content of the medical record, what is a documented event, and what time constitutes event time. Organizations should review applicable statutes and regulations, accreditation standards, and professional practice guidelines in developing these policies and procedures.

General Information

Status: Historical
Publication Date: 31-Mar-2009

ASTM E1762-95(2009) - Standard Guide for Electronic Authentication of Health Care Information
English language
16 pages

Standards Content (Sample)


NOTICE: This standard has either been superseded and replaced by a new version or withdrawn.
Contact ASTM International (www.astm.org) for the latest information
Designation: E1762 − 95 (Reapproved 2009)
An American National Standard
Standard Guide for Electronic Authentication of Health Care Information
This standard is issued under the fixed designation E1762; the number immediately following the designation indicates the year of original adoption or, in the case of revision, the year of last revision. A number in parentheses indicates the year of last reapproval. A superscript epsilon (ε) indicates an editorial change since the last revision or reapproval.

1. Scope
1.1 This guide covers:
1.1.1 Defining a document structure for use by electronic signature mechanisms (Section 4),
1.1.2 Describing the characteristics of an electronic signature process (Section 5),
1.1.3 Defining minimum requirements for different electronic signature mechanisms (Section 5),
1.1.4 Defining signature attributes for use with electronic signature mechanisms (Section 6),
1.1.5 Describing acceptable electronic signature mechanisms and technologies (Section 7),
1.1.6 Defining minimum requirements for user identification, access control, and other security requirements for electronic signatures (Section 9), and
1.1.7 Outlining technical details for all electronic signature mechanisms in sufficient detail to allow interoperability between systems supporting the same signature mechanism (Section 8 and Appendix X1-Appendix X4).
1.2 This guide is intended to be complementary to standards under development in other organizations. The determination of which documents require signatures is out of scope, since it is a matter addressed by law, regulation, accreditation standards, and an organization’s policy.
1.3 Organizations shall develop policies and procedures that define the content of the medical record, what is a documented event, and what time constitutes event time. Organizations should review applicable statutes and regulations, accreditation standards, and professional practice guidelines in developing these policies and procedures.

2. Referenced Documents
2.1 ISO Standards:
ISO 9594-8 1993: The Directory: Authentication Framework (also available as ITU-S X.509)
ISO 8825-1 1993: Specification of Basic Encoding Rules for ASN.1
ISO 7816 1993: IC Cards with Contacts
ISO 10036 1994: Contactless IC Cards
2.2 ANSI Standards:
ANSI X9.30 Part 3: Certificate Management for DSA, November 1994 (ballot copy)
ANSI X9.31 Part 3: Certificate Management for RSA, July 1994 (draft)
ANSI X9.31 Part 1: RSA Signature Algorithm, July 1994 (ballot copy) (technically aligned with ISO/IEC 9796)
ANSI X9.30 Part 1: Digital Signature Algorithm, July 1994 (ballot copy) (technically aligned with NIST FIPS PUB 186)
ANSI X9F1, ANSI X9.45: Enhanced Management Controls Using Attribute Certificates, September 1994 (draft)
2.3 Other Standards:
FIPS PUB 112: Standards on Password Usage, May 1985
FIPS PUB 181: Secure Hash Standard, 1994 (technically aligned with ANSI X9.30–1)
FIPS PUB 186: Digital Signature Standard, 1994 (technically aligned with ANSI X9.30–1)
PKCS #1: RSA Encryption Standard (version 1.5), November 1993
PKCS #5: Password-Based Encryption Standard, 1994
PKCS #7: Cryptographic Message Syntax Standard, 1994

3. Terminology
3.1 Definitions:
3.1.1 access control—the prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.
3.1.2 accountability—the property that ensures that the actions of an entity may be traced uniquely to the entity.
3.1.3 attribute—a piece of information associated with the use of a document.

This guide is under the jurisdiction of ASTM Committee E31 on Healthcare Informatics and is the direct responsibility of Subcommittee E31.25 on Healthcare Data Management, Security, Confidentiality, and Privacy. Current edition approved April 1, 2009. Published September 2009. Originally approved in 1995. Last previous edition approved in 2003 as E1762–95 (2003). DOI: 10.1520/E1762-95R09.
Available from ISO, 1 Rue de Varembe, Case Postale 56, CH 1211, Geneve, Switzerland.
Available from American National Standards Institute (ANSI), 25 W. 43rd St., 4th Floor, New York, NY 10036, http://www.ansi.org.
Available from National Institute of Standards and Technology (NIST), 100 Bureau Dr., Stop 1070, Gaithersburg, MD 20899-1070, http://www.nist.gov.
Available from RSA Data Security, 100 Marine Parkway, Redwood City, CA 64065.
Copyright © ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959. United States

3.1.4 attribute certificate—a digitally signed data structure that binds a user to a set of attributes.
3.1.5 authorization—verification that an electronically signed transaction is acceptable according to the rules and limits of the parties involved.
3.1.6 authorization certificate—an attribute certificate in which the attributes indicate constraints on the documents the user may digitally sign.
3.1.7 availability—the property of being accessible and useable upon demand by an authorized entity.
3.1.8 computer-based patient record (CPR)—the computer-based patient record is a collection of health information concerning one person linked by one or more identifiers. In the context of this guide, this term is synonymous with electronic patient record and electronic health record.
3.1.9 computer-based patient record system (CPRS)—the CPRS uses the information of the CPR and performs the application functions according to underlying processes and its interacting with related data and knowledge bases. CPRS is synonymous with electronic patient record systems.
3.1.10 data integrity—the property that data has not been altered or destroyed in an unauthorized manner.
3.1.11 data origin authentication—corroboration that the source of data received is as claimed.
3.1.12 digital signature—data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery, for example, by the recipient.
3.1.13 document access time—the time(s) when the subject document was accessed for reading, writing, or editing.
3.1.14 document attribute—an attribute describing a characteristic of a document.
3.1.15 document creation time—the time of the creation of the subject document.
3.1.16 document editing time—the time(s) of the editing of the subject document.
3.1.17 domain—a group of systems that are under control of the same security authority.
3.1.18 electronic document—a defined set of digital information, the minimal unit of information that may be digitally signed.
3.1.19 electronic signature—the act of attaching a signature by electronic means. After the electronic signature process, it is a sequence of bits associated with an electronic document, which binds it to a particular entity.
3.1.20 event time—the time of the documented event.
3.1.21 one-way hash function—a function that maps strings of bits to fixed-length strings of bits, satisfying the following two properties:
3.1.21.1 It is computationally infeasible to find for a given output an input that maps to this output.
3.1.21.2 It is computationally infeasible to find for a given input a second input that maps to the same output.
3.1.22 private key—a key in an asymmetric algorithm; the possession of this key is restricted, usually to one entity.
3.1.23 public key—a key in an asymmetric algorithm that is publicly available.
3.1.24 public key certificate—a digitally signed data structure which binds a user’s identity to a public key.
3.1.25 repudiation—denial by one of the entities involved in a communication of having participated in all or part of the communication.
3.1.26 role—the role of a user when performing a signature. Examples include: physician, nurse, allied health professional, transcriptionist/recorder, and others.
3.1.27 secret key—a key in a symmetric algorithm; the possession of this key is restricted, usually to two entities.
3.1.28 signature—the act of taking responsibility for a document. Unless explicitly indicated otherwise, an electronic signature is meant in this guide.
3.1.29 signature attribute—an attribute characterizing a given user’s signature on a document.
3.1.30 signature purpose—an indication of the reason an entity signs a document. This is included in the signed information and can be used when determining accountability for various actions concerning the document. Examples include: author, transcriptionist/recorder, and witness.
3.1.31 signature time—the time a particular signature was generated and affixed to a document.
3.1.32 signature verification—the process by which the recipient of a document determines that the document has not been altered and that the signature was affixed by the claimed signer. This will in general make use of the document, the signature, and other information, such as cryptographic keys or biometric templates.
3.1.33 user authentication—the provision of assurance of the claimed identity of an entity.
3.2 Acronyms:
AAMT American Association for Medical Transcription
ABA American Bar Association
AHIMA American Health Information Management Association
AIM Advanced Informatics in Medicine
ASC X3 Accredited Standards Committee X3
ASC X9 Accredited Standards Committee X9
ASC X12N Accredited Standards Committee X12N
CA Certification Authority
CEN Comité Européen de Normalisation (European Standards Committee)
CLC Comité Européen de Normalisation Electrotechnique (CENELEC)
CRL Certificate Revocation List
DSA Digital Signature Algorithm (NIST)
EWOS European Workshop for Open Systems
ES Electronic Signature
FDA Food and Drug Administration
FIPS Federal Information Processing Standard
ISO International Standards Organization
ITSTC International Technology Steering Committee
JCAHO Joint Commission on Accreditation of Healthcare Organizations
MAC Message Authentication Code
NIST National Institute for Standards and Technology
NTP Network Time Protocol
PCMCIA Personal Computer Memory Card Interface Association
RSA Rivest-Shamir-Adleman (signature algorithm)
SEISMED Secure Environment for Information Systems in Medicine
THIS Trusted Health Information Systems
TTP Trusted Third Party

4. Significance and Use
4.1 This guide serves three purposes:
4.1.1 To serve as a guide for developers of computer software providing, or interacting with, electronic signature processes,
4.1.2 To serve as a guide to healthcare providers who are implementing electronic signature mechanisms, and
4.1.3 To be a consensus standard on the design, implementation, and use of electronic signatures.

5. Background Information
5.1 The creation of computer-based patient record systems depends on a consensus of electronic signature processes that are widely accepted by professional, regulatory, and legal organizations. The objective is to create guidelines for entering information into a computer system with the assurance that the information conforms with the principles of accountability, data integrity, and non-repudiation. Although various organizations have commenced work in the field of electronic signatures, a standard for the authentication of health information is needed. Consequently, this standard is intended as a national standard for electronic signatures for health care information. Technological advances and increases in the legitimate uses and demands for patient health information led the Institute of Medicine (IOM) to convene a committee to identify actions and research for a computer-based patient record (CPR). The committee’s report endorsed the adoption of the CPR as the standard for all health care records and the establishment of a Computer-based Patient Record Institute (CPRI). National Information Infrastructure initiatives, the ever increasing complexity of health care delivery, a growing need for accessible, affordable, and retrievable patient data to support clinical practice, research, and policy development support this recommendation. Major issues identified by CPRI as essential to the timely development of CPRs include authentication of electronic signatures (as replacements for paper signatures), as well as patient and provider confidentiality and electronic data security.
5.2 User authentication is used to identify an entity (person or machine) and verify the identity of the entity. Data origin authentication binds that entity and verification to a piece of information. The focus of this standard is the application of user and data authentication to information generat
...
or greater level of accurate data entry, accountability, and appropriate quality improvement mechanisms. In this context, a standard is needed that does not allow a party to successfully deny authorship and reject responsibility (repudiation).
5.5 The guide addresses the following requirements, which any system claiming to conform to this guide shall support:
5.5.1 Non-repudiation,
5.5.2 Integrity,
5.5.3 Secure user authentication,
5.5.4 Multiple signatures,
5.5.5 Signature attributes,
5.5.6 Countersignatures,
5.5.7 Transportability,
5.5.8 Interoperability,
5.5.9 Independent verifiability, and
5.5.10 Continuity of signature capability.
5.6 Various technologies may fulfill one or more of these requirements. Thus, a complete electronic signature system may require more than one of the technologies described in this guide. Currently, there are no recognized security techniques that provide the security service of non-repudiation in an open network environment, in the absence of trusted third parties, other than digital signature-based techniques.
5.7 The electronic signature process involves authentication of the signer’s identity, a signature process according to system design and software instructions, binding of the signature to the document, and non-alterability after the signature has been affixed to the document. The generation of electronic signatures requires the successful identification and authentication of the signer at the time of the signature. To conform to this guide, a system shall also meet health information security and authentication standards. Computer-based patient record systems may also be subject to statutes and regulations in some jurisdictions.
5.8 While most electronic signature standards in the banking, electronic mail, and business sectors address only digital signature systems, this standard acknowledges the efforts of industry and systems integrators to achieve authentication with other methods. Therefore, this standard will not be restricted to a single technology.

6. Document Structure
6.1 For any data or information for which authentication is required, the system shall:
6.1.1 Provide to the signer an accurate representation of the
...
