Andrew McIntyre Medical-Objects http://www.medical-objects.com.au <[email protected]> <61 7 54455037> Digital Signatures in HL7 V2


Page 1: Andrew McIntyre Medical-Objects

Andrew McIntyre Medical-Objects

http://www.medical-objects.com.au <[email protected]>

<61 7 54455037>

Digital Signatures in HL7 V2

Page 2: Andrew McIntyre Medical-Objects

Australian Context

Require Government PKI Digital signature for paperless referral:

Page 3: Andrew McIntyre Medical-Objects

Digital Signature Requirements

Smart Card Digital Signature
Certificate embedded in signature
Requests must be in plain text in EDI format
Must be archivable
Should remain standards compliant
Should survive patient Name change
Should be forwardable
Should not break system unaware of signature
Should be evaluable at any future time

Page 4: Andrew McIntyre Medical-Objects

Solution – in use for 4 years

Embed Detached Signature in ED OBX segment
Only sign OBX “data” and not delimiters
  Conceptually like XML digital signature
Add OBX Header block with relevant OBR/PID data
  Patient name, Report Title, Sender but extendable
  Header block is also signed
Advantages
  Allows message to be on-sent in new message
  Allows patient demographics to change in PID
  Allows data to be embedded in ORF/REF messages etc
  Allows Classic-XML encoding transformation

Page 5: Andrew McIntyre Medical-Objects

Example of Signed ORU

Page 6: Andrew McIntyre Medical-Objects

Signature Evaluated during display

Page 7: Andrew McIntyre Medical-Objects

Need agreed algorithm for “Hash”

Each OBX field in order with “.” as delimiter and <CR><LF> between OBX segments
The algorithm needs unique identifier
  Allows for HL7 version changes
  Can use old algorithm on new message and vice versa
  AUSETAV1^PKI Signature^L used in example
For ORM messages can sign each order item
  Allows for items to be filled and removed from outstanding order list
  Only sign the placer fields
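
The hash input described on this slide, written out as an added example (not code from the presentation or from Medical-Objects). It assumes SHA-256 as the digest, that every OBX field after the segment name is included, and that the signature OBX is recognised by AUSETAV1 in OBX-3 and left out of its own input; the sample message and the HDR/RPT identifiers are constructed.

```python
import hashlib
import re

SIGNATURE_ID = "AUSETAV1"  # algorithm identifier used in the slide's example


def canonical_obx_bytes(message: str) -> bytes:
    """Return the hash input: OBX fields joined by '.', segments by CR LF."""
    segments = [s for s in re.split(r"\r\n|\r|\n", message) if s]
    if not segments or not segments[0].startswith("MSH") or len(segments[0]) < 5:
        raise ValueError("message must start with an MSH segment")
    field_sep, component_sep = segments[0][3], segments[0][4]  # MSH-1, MSH-2[0]
    lines = []
    for seg in segments:
        fields = seg.split(field_sep)
        if fields[0] != "OBX":
            continue  # MSH, PID, OBR are never hashed directly
        obs_id = fields[3].split(component_sep)[0] if len(fields) > 3 else ""
        if obs_id == SIGNATURE_ID:
            continue  # assumption: the signature OBX is left out of its own input
        lines.append(".".join(fields[1:]))  # field data only, no field delimiters
    if not lines:
        raise ValueError("no OBX data to hash")
    return "\r\n".join(lines).encode("utf-8")


def obx_digest(message: str) -> str:
    # SHA-256 is an assumption; the slides do not name the digest function.
    return hashlib.sha256(canonical_obx_bytes(message)).hexdigest()


def sample_message(sep="|", patient="SMITH^JOHN", result="Hb 140 g/L", signed=False):
    """Constructed ORU message; every value here is made up for the example."""
    segs = [
        ["MSH", "^~\\&", "LAB", "", "GP", "", "200501011200", "", "ORU^R01", "1", "P", "2.3.1"],
        ["PID", "1", "", "", "", patient],
        ["OBR", "1", "", "", "FBC^Full Blood Count^L"],
        ["OBX", "1", "ST", "HDR^Header^L", "", "SMITH JOHN; Full Blood Count; LAB", "", "", "", "", "", "F"],
        ["OBX", "2", "FT", "RPT^Report^L", "", result, "", "", "", "", "", "F"],
    ]
    if signed:  # placeholder signature OBX, not a real signature value
        segs.append(["OBX", "3", "ED", "AUSETAV1^PKI Signature^L", "", "^^^^PLACEHOLDER"])
    return "\r".join(sep.join(s) for s in segs)


if __name__ == "__main__":
    print(canonical_obx_bytes(sample_message()).decode())
    print(obx_digest(sample_message()) == obx_digest(sample_message("#", "JONES^JOHN", signed=True)))
```

The digest stays the same when the PID name changes, when the field separator changes, or when the signature OBX is appended, and changes when any OBX data changes.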

Page 8: Andrew McIntyre Medical-Objects

Advantages

Digital signature is embedded and cannot be lost
Message remains compliant
Usual message transformations remain possible
Can add copy doctors and new MSH ID
Signature can be stripped off if desired
Message can be archived
Any PKI could be used
Digital signature can be re-evaluated at any time
Can transform to XML if desired