ASTM E1762-95(2013)
Standard Guide for Electronic Authentication of Health Care Information (Withdrawn 2017)
SIGNIFICANCE AND USE
4.1 This guide serves three purposes:
4.1.1 To serve as a guide for developers of computer software providing, or interacting with, electronic signature processes,
4.1.2 To serve as a guide to healthcare providers who are implementing electronic signature mechanisms, and
4.1.3 To be a consensus standard on the design, implementation, and use of electronic signatures.
SCOPE
1.1 This guide covers:
1.1.1 Defining a document structure for use by electronic signature mechanisms (Section 4),
1.1.2 Describing the characteristics of an electronic signature process (Section 5),
1.1.3 Defining minimum requirements for different electronic signature mechanisms (Section 5),
1.1.4 Defining signature attributes for use with electronic signature mechanisms (Section 6),
1.1.5 Describing acceptable electronic signature mechanisms and technologies (Section 7),
1.1.6 Defining minimum requirements for user identification, access control, and other security requirements for electronic signatures (Section 9), and
1.1.7 Outlining technical details for all electronic signature mechanisms in sufficient detail to allow interoperability between systems supporting the same signature mechanism (Section 8 and Appendix X1-Appendix X4).
1.2 This guide is intended to be complementary to standards under development in other organizations. The determination of which documents require signatures is out of scope, since it is a matter addressed by law, regulation, accreditation standards, and an organization's policy.
1.3 Organizations shall develop policies and procedures that define the content of the medical record, what is a documented event, and what time constitutes event time. Organizations should review applicable statutes and regulations, accreditation standards, and professional practice guidelines in developing these policies and procedures.
WITHDRAWN RATIONALE
Formerly under the jurisdiction of Committee E31 on Healthcare Informatics, this practice was withdrawn in March 2017. This standard is being withdrawn without replacement due to its limited use by industry.
Standards Content (Sample)
NOTICE: This standard has either been superseded and replaced by a new version or withdrawn.
Contact ASTM International (www.astm.org) for the latest information
Designation: E1762 − 95 (Reapproved 2013) An American National Standard
Standard Guide for Electronic Authentication of Health Care Information
This standard is issued under the fixed designation E1762; the number immediately following the designation indicates the year of original adoption or, in the case of revision, the year of last revision. A number in parentheses indicates the year of last reapproval. A superscript epsilon (ε) indicates an editorial change since the last revision or reapproval.
1. Scope
1.1 This guide covers:
1.1.1 Defining a document structure for use by electronic signature mechanisms (Section 4),
1.1.2 Describing the characteristics of an electronic signature process (Section 5),
1.1.3 Defining minimum requirements for different electronic signature mechanisms (Section 5),
1.1.4 Defining signature attributes for use with electronic signature mechanisms (Section 6),
1.1.5 Describing acceptable electronic signature mechanisms and technologies (Section 7),
1.1.6 Defining minimum requirements for user identification, access control, and other security requirements for electronic signatures (Section 9), and
1.1.7 Outlining technical details for all electronic signature mechanisms in sufficient detail to allow interoperability between systems supporting the same signature mechanism (Section 8 and Appendix X1 – Appendix X4).
1.2 This guide is intended to be complementary to standards under development in other organizations. The determination of which documents require signatures is out of scope, since it is a matter addressed by law, regulation, accreditation standards, and an organization’s policy.
1.3 Organizations shall develop policies and procedures that define the content of the medical record, what is a documented event, and what time constitutes event time. Organizations should review applicable statutes and regulations, accreditation standards, and professional practice guidelines in developing these policies and procedures.
2. Referenced Documents
2.1 ISO Standards:
ISO 9594-8 1993: The Directory: Authentication Framework (also available as ITU-S X.509)
ISO 8825-1 1993: Specification of Basic Encoding Rules for ASN.1
ISO 7816 1993: IC Cards with Contacts
ISO 10036 1994: Contactless IC Cards
2.2 ANSI Standards:
ANSI X9.30 Part 3: Certificate Management for DSA, November 1994 (ballot copy)
ANSI X9.31 Part 3: Certificate Management for RSA, July 1994 (draft)
ANSI X9.31 Part 1: RSA Signature Algorithm, July 1994 (ballot copy) (technically aligned with ISO/IEC 9796)
ANSI X9.30 Part 1: Digital Signature Algorithm, July 1994 (ballot copy) (technically aligned with NIST FIPS PUB 186)
ANSI X9F1, ANSI X9.45: Enhanced Management Controls Using Attribute Certificates, September 1994 (draft)
2.3 Other Standards:
FIPS PUB 112: Standards on Password Usage, May 1985
FIPS PUB 181: Secure Hash Standard, 1994 (technically aligned with ANSI X9.30–1)
FIPS PUB 186: Digital Signature Standard, 1994 (technically aligned with ANSI X9.30–1)
PKCS #1: RSA Encryption Standard (version 1.5), November 1993
PKCS #5: Password-Based Encryption Standard, 1994
PKCS #7: Cryptographic Message Syntax Standard, 1994
3. Terminology
3.1 Definitions:
3.1.1 access control—the prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.
3.1.2 accountability—the property that ensures that the actions of an entity may be traced uniquely to the entity.
3.1.3 attribute—a piece of information associated with the use of a document.
This guide is under the jurisdiction of ASTM Committee E31 on Healthcare Informatics and is the direct responsibility of Subcommittee E31.25 on Healthcare Data Management, Security, Confidentiality, and Privacy. Current edition approved March 1, 2013. Published March 2013. Originally approved in 1995. Last previous edition approved in 2009 as E1762–95 (2009). DOI: 10.1520/E1762-95R13.
Available from ISO, 1 Rue de Varembe, Case Postale 56, CH 1211, Geneve, Switzerland.
Available from American National Standards Institute (ANSI), 25 W. 43rd St., 4th Floor, New York, NY 10036, http://www.ansi.org.
Available from National Institute of Standards and Technology (NIST), 100 Bureau Dr., Stop 1070, Gaithersburg, MD 20899-1070, http://www.nist.gov.
Available from RSA Data Security, 100 Marine Parkway, Redwood City, CA 64065.
Copyright © ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959. United States
3.1.4 attribute certificate—a digitally signed data structure that binds a user to a set of attributes.
3.1.5 authorization—verification that an electronically signed transaction is acceptable according to the rules and limits of the parties involved.
3.1.6 authorization certificate—an attribute certificate in which the attributes indicate constraints on the documents the user may digitally sign.
3.1.7 availability—the property of being accessible and useable upon demand by an authorized entity.
3.1.8 computer-based patient record (CPR)—the computer-based patient record is a collection of health information concerning one person linked by one or more identifiers. In the context of this guide, this term is synonymous with electronic patient record and electronic health record.
3.1.9 computer-based patient record system (CPRS)—the CPRS uses the information of the CPR and performs the application functions according to underlying processes and its interacting with related data and knowledge bases. CPRS is synonymous with electronic patient record systems.
3.1.10 data integrity—the property that data has not been altered or destroyed in an unauthorized manner.
3.1.11 data origin authentication—corroboration that the source of data received is as claimed.
3.1.12 digital signature—data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery, for example, by the recipient.
3.1.13 document access time—the time(s) when the subject document was accessed for reading, writing, or editing.
3.1.14 document attribute—an attribute describing a characteristic of a document.
3.1.15 document creation time—the time of the creation of the subject document.
3.1.16 document editing time—the time(s) of the editing of the subject document.
3.1.17 domain—a group of systems that are under control of the same security authority.
3.1.18 electronic document—a defined set of digital information, the minimal unit of information that may be digitally signed.
3.1.19 electronic signature—the act of attaching a signature by electronic means. After the electronic signature process, it is a sequence of bits associated with an electronic document, which binds it to a particular entity.
3.1.20 event time—the time of the documented event.
3.1.21 one-way hash function—a function that maps strings of bits to fixed-length strings of bits, satisfying the following two properties:
3.1.21.1 It is computationally infeasible to find for a given output an input that maps to this output.
3.1.21.2 It is computationally infeasible to find for a given input a second input that maps to the same output.
3.1.22 private key—a key in an asymmetric algorithm; the possession of this key is restricted, usually to one entity.
3.1.23 public key—a key in an asymmetric algorithm that is publicly available.
3.1.24 public key certificate—a digitally signed data structure which binds a user’s identity to a public key.
3.1.25 repudiation—denial by one of the entities involved in a communication of having participated in all or part of the communication.
3.1.26 role—the role of a user when performing a signature. Examples include: physician, nurse, allied health professional, transcriptionist/recorder, and others.
3.1.27 secret key—a key in a symmetric algorithm; the possession of this key is restricted, usually to two entities.
3.1.28 signature—the act of taking responsibility for a document. Unless explicitly indicated otherwise, an electronic signature is meant in this guide.
3.1.29 signature attribute—an attribute characterizing a given user’s signature on a document.
3.1.30 signature purpose—an indication of the reason an entity signs a document. This is included in the signed information and can be used when determining accountability for various actions concerning the document. Examples include: author, transcriptionist/recorder, and witness.
3.1.31 signature time—the time a particular signature was generated and affixed to a document.
3.1.32 signature verification—the process by which the recipient of a document determines that the document has not been altered and that the signature was affixed by the claimed signer. This will in general make use of the document, the signature, and other information, such as cryptographic keys or biometric templates.
3.1.33 user authentication—the provision of assurance of the claimed identity of an entity.
3.2 Acronyms:
AAMT American Association for Medical Transcription
ABA American Bar Association
AHIMA American Health Information Management Association
AIM Advanced Informatics in Medicine
ASC X3 Accredited Standards Committee X3
ASC X9 Accredited Standards Committee X9
ASC X12N Accredited Standards Committee X12N
CA Certification Authority
CEN Comité Européen de Normalisation (European Standards Committee)
CLC Comité Européen de Normalisation Electrotechnique (CENELEC)
CRL Certificate Revocation List
DSA Digital Signature Algorithm (NIST)
EWOS European Workshop for Open Systems
ES Electronic Signature
FDA Food and Drug Administration
FIPS Federal Information Processing Standard
ISO International Standards Organization
ITSTC International Technology Steering Committee
JCAHO Joint Commission on Accreditation of Healthcare Organizations
MAC Message Authentication Code
NIST National Institute for Standards and Technology
NTP Network Time Protocol
PCMCIA Personal Computer Memory Card Interface Association
RSA Rivest-Shamir-Adleman (signature algorithm)
SEISMED Secure Environment for Information Systems in Medicine
THIS Trusted Health Information Systems
TTP Trusted Third Party
4. Significance and Use
4.1 This guide serves three purposes:
4.1.1 To serve as a guide for developers of computer software providing, or interacting with, electronic signature processes,
4.1.2 To serve as a guide to healthcare providers who are implementing electronic signature mechanisms, and
4.1.3 To be a consensus standard on the design, implementation, and use of electronic signatures.
5. Background Information
5.1 The creation of computer-based patient record systems depends on a consensus of electronic signature processes that are widely accepted by professional, regulatory, and legal organizations. The objective is to create guidelines for entering information into a computer system with the assurance that the information conforms with the principles of accountability, data integrity, and non-repudiation. Although various organizations have commenced work in the field of electronic signatures, a standard for the authentication of health information is needed. Consequently, this standard is intended as a national standard for electronic signatures for health care information. Technological advances and increases in the legitimate uses and demands for patient health information led the Institute of Medicine (IOM) to convene a committee to identify actions and research for a computer-based patient record (CPR). The committee’s report endorsed the adoption of the CPR as the standard for all health care records and the establishment of a Computer-based Patient Record Institute (CPRI). National Information Infrastructure initiatives, the ever increasing complexity of health care delivery, a growing need for accessible, affordable, and retrievable patient data to support clinical practice, research, and policy development support this recommendation. Major issues identified by CPRI as essential to the timely development of CPRs include authentication of electronic signatures (as replacements for paper signatures), as well as patient and provider confidentiality and electronic data security.
5.2 User authentication is used to identify an entity (person or machine) and verify the identity of the entity. Data origin authentication binds that entity and verification to a piece of information. The focus of this standard is the application of user and data authentication to information generated
...
record systems to be accepted, they must provide an equivalent or greater level of accurate data entry, accountability, and appropriate quality improvement mechanisms. In this context, a standard is needed that does not allow a party to successfully deny authorship and reject responsibility (repudiation).
5.5 The guide addresses the following requirements, which any system claiming to conform to this guide shall support:
5.5.1 Non-repudiation,
5.5.2 Integrity,
5.5.3 Secure user authentication,
5.5.4 Multiple signatures,
5.5.5 Signature attributes,
5.5.6 Countersignatures,
5.5.7 Transportability,
5.5.8 Interoperability,
5.5.9 Independent verifiability, and
5.5.10 Continuity of signature capability.
5.6 Various technologies may fulfill one or more of these requirements. Thus, a complete electronic signature system may require more than one of the technologies described in this guide. Currently, there are no recognized security techniques that provide the security service of non-repudiation in an open network environment, in the absence of trusted third parties, other than digital signature-based techniques.
5.7 The electronic signature process involves authentication of the signer’s identity, a signature process according to system design and software instructions, binding of the signature to the document, and non-alterability after the signature has been affixed to the document. The generation of electronic signatures requires the successful identification and authentication of the signer at the time of the signature. To conform to this guide, a system shall also meet health information security and authentication standards. Computer-based patient record systems may also be subject to statutes and regulations in some jurisdictions.
5.8 While most electronic signature standards in the banking, electronic mail, and business sectors address only digital signature systems, this standard acknowledges the efforts of industry and systems integrators to achieve authentication with other methods. Therefore, this standard will not be restricted to a single technology.
6. Document Structure
6.1 For any data or information for which authentication is required, the system shall:
...