Standard Guide for Electronic Authentication of Health Care Information

SIGNIFICANCE AND USE
This guide serves three purposes:
4.1.1 To serve as a guide for developers of computer software providing, or interacting with, electronic signature processes,
4.1.2 To serve as a guide to healthcare providers who are implementing electronic signature mechanisms, and
4.1.3 To be a consensus standard on the design, implementation, and use of electronic signatures.
SCOPE
1.1 This guide covers:
1.1.1 Defining a document structure for use by electronic signature mechanisms (Section 4),
1.1.2 Describing the characteristics of an electronic signature process (Section 5),
1.1.3 Defining minimum requirements for different electronic signature mechanisms (Section 5),
1.1.4 Defining signature attributes for use with electronic signature mechanisms (Section 6),
1.1.5 Describing acceptable electronic signature mechanisms and technologies (Section 7),
1.1.6 Defining minimum requirements for user identification, access control, and other security requirements for electronic signatures (Section 9), and
1.1.7 Outlining technical details for all electronic signature mechanisms in sufficient detail to allow interoperability between systems supporting the same signature mechanism (Section 8 and Appendix X1-Appendix X4).
1.2 This guide is intended to be complementary to standards under development in other organizations. The determination of which documents require signatures is out of scope, since it is a matter addressed by law, regulation, accreditation standards, and an organization's policy.
1.3 Organizations shall develop policies and procedures that define the content of the medical record, what is a documented event, and what time constitutes event time. Organizations should review applicable statutes and regulations, accreditation standards, and professional practice guidelines in developing these policies and procedures.

General Information

Status
Historical
Publication Date
09-May-2003

Guide
ASTM E1762-95(2003) - Standard Guide for Electronic Authentication of Health Care Information
English language
17 pages

Standards Content (Sample)


NOTICE: This standard has either been superseded and replaced by a new version or withdrawn.
Contact ASTM International (www.astm.org) for the latest information
An American National Standard
Designation: E1762–95 (Reapproved 2003)
Standard Guide for Electronic Authentication of Health Care Information
This standard is issued under the fixed designation E 1762; the number immediately following the designation indicates the year of
original adoption or, in the case of revision, the year of last revision. A number in parentheses indicates the year of last reapproval. A
superscript epsilon (e) indicates an editorial change since the last revision or reapproval.
1. Scope
1.1 This guide covers:
1.1.1 Defining a document structure for use by electronic signature mechanisms (Section 4),
1.1.2 Describing the characteristics of an electronic signature process (Section 5),
1.1.3 Defining minimum requirements for different electronic signature mechanisms (Section 5),
1.1.4 Defining signature attributes for use with electronic signature mechanisms (Section 6),
1.1.5 Describing acceptable electronic signature mechanisms and technologies (Section 7),
1.1.6 Defining minimum requirements for user identification, access control, and other security requirements for electronic signatures (Section 9), and
1.1.7 Outlining technical details for all electronic signature mechanisms in sufficient detail to allow interoperability between systems supporting the same signature mechanism (Section 8 and Appendix X1-Appendix X4).
1.2 This guide is intended to be complementary to standards under development in other organizations. The determination of which documents require signatures is out of scope, since it is a matter addressed by law, regulation, accreditation standards, and an organization’s policy.
1.3 Organizations shall develop policies and procedures that define the content of the medical record, what is a documented event, and what time constitutes event time. Organizations should review applicable statutes and regulations, accreditation standards, and professional practice guidelines in developing these policies and procedures.

2. Referenced Documents
2.1 ISO Standards:
ISO 9594-8 1993: The Directory: Authentication Framework (also available as ITU-S X.509)
ISO 8825-1 1993: Specification of Basic Encoding Rules for ASN.1
ISO 7816 1993: IC Cards with Contacts
ISO 10036 1994: Contactless IC Cards
2.2 ANSI Standards:
ANSI X9.30 Part 3: Certificate Management for DSA, November 1994 (ballot copy)
ANSI X9.31 Part 3: Certificate Management for RSA, July 1994 (draft)
ANSI X9.31 Part 1: RSA Signature Algorithm, July 1994 (ballot copy) (technically aligned with ISO/IEC 9796)
ANSI X9.30 Part 1: Digital Signature Algorithm, July 1994 (ballot copy) (technically aligned with NIST FIPS PUB 186)
ANSI X9F1, ANSI X9.45: Enhanced Management Controls Using Attribute Certificates, September 1994 (draft)
2.3 Other Standards:
FIPS PUB 112: Standards on Password Usage, May 1985
FIPS PUB 181: Secure Hash Standard, 1994 (technically aligned with ANSI X9.30–1)
FIPS PUB 186: Digital Signature Standard, 1994 (technically aligned with ANSI X9.30–1)
PKCS #1: RSA Encryption Standard (version 1.5), November 1993
PKCS #5: Password-Based Encryption Standard, 1994
PKCS #7: Cryptographic Message Syntax Standard, 1994

3. Terminology
3.1 Definitions:
3.1.1 access control—the prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner.
3.1.2 accountability—the property that ensures that the actions of an entity may be traced uniquely to the entity.
3.1.3 attribute—a piece of information associated with the use of a document.
3.1.4 attribute certificate—a digitally signed data structure that binds a user to a set of attributes.
3.1.5 authorization—verification that an electronically signed transaction is acceptable according to the rules and limits of the parties involved.

This guide is under the jurisdiction of ASTM Committee E-31 on Healthcare Informatics and is the direct responsibility of Subcommittee E31.25 on Healthcare Management, Security, Confidentiality, and Privacy.
Current edition approved May 10, 2003. Published July 2003. Originally approved in 1995. Last previous edition approved in 1995 as E 1762–95.
Available from ISO, 1 Rue de Varembe, Case Postale 56, CH 1211, Geneve, Switzerland.
Available from American National Standards Institute, 11 W. 42nd St., 13th Floor, New York, NY 10036.
Available from NIST, Gaithersburg, MD 20899.
Available from RSA Data Security, 100 Marine Parkway, Redwood City, CA 64065.
Copyright © ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959, United States.
3.1.6 authorization certificate—an attribute certificate in which the attributes indicate constraints on the documents the user may digitally sign.
3.1.7 availability—the property of being accessible and useable upon demand by an authorized entity.
3.1.8 computer-based patient record (CPR)—the computer-based patient record is a collection of health information concerning one person linked by one or more identifiers. In the context of this guide, this term is synonymous with electronic patient record and electronic health record.
3.1.9 computer-based patient record system (CPRS)—the CPRS uses the information of the CPR and performs the application functions according to underlying processes and its interacting with related data and knowledge bases. CPRS is synonymous with electronic patient record systems.
3.1.10 data integrity—the property that data has not been altered or destroyed in an unauthorized manner.
3.1.11 data origin authentication—corroboration that the source of data received is as claimed.
3.1.12 digital signature—data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery, for example, by the recipient.
3.1.13 document access time—the time(s) when the subject document was accessed for reading, writing, or editing.
3.1.14 document attribute—an attribute describing a characteristic of a document.
3.1.15 document creation time—the time of the creation of the subject document.
3.1.16 document editing time—the time(s) of the editing of the subject document.
3.1.17 domain—a group of systems that are under control of the same security authority.
3.1.18 electronic document—a defined set of digital information, the minimal unit of information that may be digitally signed.
3.1.19 electronic signature—the act of attaching a signature by electronic means. After the electronic signature process, it is a sequence of bits associated with an electronic document, which binds it to a particular entity.
3.1.20 event time—the time of the documented event.
3.1.21 one-way hash function—a function that maps strings of bits to fixed-length strings of bits, satisfying the following two properties:
3.1.21.1 It is computationally infeasible to find for a given output an input that maps to this output.
3.1.21.2 It is computationally infeasible to find for a given input a second input that maps to the same output.
3.1.22 private key—a key in an asymmetric algorithm; the possession of this key is restricted, usually to one entity.
3.1.23 public key—a key in an asymmetric algorithm that is publicly available.
3.1.24 public key certificate—a digitally signed data structure which binds a user’s identity to a public key.
3.1.25 repudiation—denial by one of the entities involved in a communication of having participated in all or part of the communication.
3.1.26 role—the role of a user when performing a signature. Examples include: physician, nurse, allied health professional, transcriptionist/recorder, and others.
3.1.27 secret key—a key in a symmetric algorithm; the possession of this key is restricted, usually to two entities.
3.1.28 signature—the act of taking responsibility for a document. Unless explicitly indicated otherwise, an electronic signature is meant in this guide.
3.1.29 signature attribute—an attribute characterizing a given user’s signature on a document.
3.1.30 signature purpose—an indication of the reason an entity signs a document. This is included in the signed information and can be used when determining accountability for various actions concerning the document. Examples include: author, transcriptionist/recorder, and witness.
3.1.31 signature time—the time a particular signature was generated and affixed to a document.
3.1.32 signature verification—the process by which the recipient of a document determines that the document has not been altered and that the signature was affixed by the claimed signer. This will in general make use of the document, the signature, and other information, such as cryptographic keys or biometric templates.
3.1.33 user authentication—the provision of assurance of the claimed identity of an entity.
3.2 Acronyms:
AAMT American Association for Medical Transcription
ABA American Bar Association
AHIMA American Health Information Management Association
AIM Advanced Informatics in Medicine
ASC X3 Accredited Standards Committee X3
ASC X9 Accredited Standards Committee X9
ASC X12N Accredited Standards Committee X12N
CA Certification Authority
CEN Comité Européen de Normalisation (European Standards Committee)
CLC Comité Européen de Normalisation Electrotechnique (CENELEC)
CRL Certificate Revocation List
DSA Digital Signature Algorithm (NIST)
EWOS European Workshop for Open Systems
ES Electronic Signature
FDA Food and Drug Administration
FIPS Federal Information Processing Standard
ISO International Standards Organization
ITSTC International Technology Steering Committee
JCAHO Joint Commission on Accreditation of Healthcare Organizations
MAC Message Authentication Code
NIST National Institute for Standards and Technology
NTP Network Time Protocol
PCMCIA Personal Computer Memory Card Interface Association
RSA Rivest-Shamir-Adleman (signature algorithm)
SEISMED Secure Environment for Information Systems in Medicine
THIS Trusted Health Information Systems
TTP Trusted Third Party

4. Significance and Use
4.1 This guide serves three purposes:
4.1.1 To serve as a guide for developers of computer software providing, or interacting with, electronic signature processes,
4.1.2 To serve as a guide to healthcare providers who are implementing electronic signature mechanisms, and
4.1.3 To be a consensus standard on the design, implementation, and use of electronic signatures.
5. Background Information
5.1 The creation of computer-based patient record systems depends on a consensus of electronic signature processes that are widely accepted by professional, regulatory, and legal organizations. The objective is to create guidelines for entering information into a computer system with the assurance that the information conforms with the principles of accountability, data integrity, and non-repudiation. Although various organizations have commenced work in the field of electronic signatures, a standard for the authentication of health information is needed. Consequently, this standard is intended as a national standard for electronic signatures for health care information. Technological advances and increases in the legitimate uses and demands for patient health information led the Institute of Medicine (IOM) to convene a committee to identify actions and research for a computer-based patient record (CPR). The committee’s report endorsed the adoption of the CPR as the standard for all health care records and the establishment of a Computer-based Patient Record Institute (CPRI). National Information Infrastructure initiatives, the ever increasing complexity of health care delivery, a growing need for accessible, affordable, and retrievable patient data to support clinical practice, research, and policy development support this recommendation. Major issues identified by CPRI as essential to the timely development of CPRs include authentication of electronic signatures (as replacements for paper signatures), as well as patient and provider confidentiality and electronic data security.
5.2 User authentication is used to identify an entity (person or machine) and verify the identity of the entity. Data origin authentication binds that entity and verification to a piece of information. The focus of this standard is the application of user and data authentication to information generated as part of the health care process. The mechanism providing this capability is the electronic signature.
5.3 Determination of which events are documented and which documents must be signed are defined by law, regulation, accreditation standards, and the originating organization’s policy. Such policy issues are discussed in Appendix X4.
5.5.9 Independent verifiability, and
5.5.10 Continuity of signature capability.
5.6 Various technologies may fulfill one or more of these requirements. Thus, a complete electronic signature system may require more than one of the technologies described in this guide. Currently, there are no recognized security techniques that provide the security service of non-repudiation in an open network environment, in the absence of trusted third parties, other than digital signature-based techniques.
5.7 The electronic signature process involves authentication of the signer’s identity, a signature process according to system design and software instructions, binding of the signature to the document, and non-alterability after the signature has been affixed to the document. The generation of electronic signatures requires the successful identification and authentication of the signer at the time of the signature. To conform to this guide, a system shall also meet health information security and authentication standards. Computer-based patient record systems may also be subject to statutes and regulations in some jurisdictions.
5.8 While most electronic signature standards in the banking, electronic mail, and business sectors address only digital signature systems, this standard acknowledges the efforts of industry and systems integrators to achieve authentication with other methods. Therefore, this standard will not be restricted to a single technology.

6. Document Structure
6.1 For any data or information for which authentication is required, the system shall:
6.1.1 Provide to the signer an accurate representation of the health care information being signed,
6.1.2 Append one or multiple signatures,
6.1.3 Include, with each signature, information associated with the signer (that is, signature attributes and possibly unsigned attributes), and
6.1.4 Append zero or more document identifiers and attributes associated with the document.
6.2 A document therefore consists of the health care informatio
...
