Difference between revisions of "Document Digital Signature"

From IHE Wiki
Jump to: navigation, search
(Details)
Line 9: Line 9:
  
 
==Details==
 
==Details==
Electronic documents are being increasingly relied upon in healthcare. Signatures have been a part of the electronic documentation process in health care and have traditionally been indicators of accountability. Reliable exchange of data between disparate systems requires a standard that implements non-repudiation to prevent document creators from denying authorship and rejecting responsibility.  
+
The Document Digital Signature (DSG) Profile is a Document Content Profile that defines general purpose methods of digitally signing of documents for communication and persistence. Among other uses, these methods can be used within an IHE Document Sharing infrastructure (e.g., XDS, XCA, XDM, XDR, and MHD). There are three methods of digital signature defined here: Enveloping, Detached (manifest), and SubmissionSet.  
  
DSG is constrained to XDS. The document content profile can be used as a reference; however, its specifications are used in other contexts. Systems that do not use XDS can still work with their own methodologies, but those methods will not be covered in the document content profile portion of this supplement.
+
* An Enveloping Signature is a Digital Signature Document that contains both the signature block and the content that is signed. Access to the contained content is through removing the Enveloping - Digital Signature. Among other uses, this method should not be used with Document Sharing infrastructure.
 
+
* A Detached Signature is a Digital Signature Document that contains a manifest that points at independently managed content. Detached signatures leave the signed document or documents in the original form. Among other uses, this method is recommended for use with a Document Sharing infrastructure to support Digital Signatures, as this method does not modify the original Document Content. This method uses the Document Sharing “SIGNS” relationship provide linkage.
Other IHE clinical domains are encouraged to utilize the digital signature document described in the following document content profile to sign their clinical and administrative documents and use their defined message transfer or use of XDS. For example, Patient Care Coordination could create a patient care workflow that relies on signature or the sharing of patient consent documents.
+
* A SubmissionSet Signature is a Detached Signature Document that attests to the content in a SubmissionSet by: containing a manifest of all the other Documents included in the SubmissionSet, and a reference to the SubmissionSet. The Document Sharing “SIGNS” relationship may be used but is not required.
 
+
The infrastructure to do the signing, verification, and identity management exists and is not defined in this document content profile.  The specific Private Key Infrastructure (PKI) is not identified by this profile. Whichever infrastructure is selected shall adhere to ISO TS-17090 standards for PKI in healthcare.  
+
 
+
The scope of this supplement is currently limited to by-reference signatures, where the signature is a reference to the whole document. This document content profile can be used by domains wanting to implement e-referral and e-prescription using signatures by-reference in XDS.
+
 
+
Other forms of signatures such as embedded signatures and partial XML signatures are out of scope for this document content profile. Eg: DICOM, PDF, Digitally signed report. 
+
An XDS Repository is not responsible to validate any signature documents it stores.  Only Document Sources and Document Consumer Actors are responsible to produce and process document content.  
+
  
 +
Ink-on-paper signatures have been a part of the documentation process in health care and have traditionally been indicators of accountability. Reliable exchange and storage of electronic data between disparate systems requires a standard that implements equivalent non-repudiation to prevent document creators from denying authorship and rejecting responsibility.
  
 
==Systems Affected==
 
==Systems Affected==

Revision as of 23:12, 26 March 2015


Summary

The Document Digital Signature (DSG) content profile specifies the use of digital signatures for documents that are shared between organizations.

Benefits

DSG provides a mechanism for using digital signatures.

Details

The Document Digital Signature (DSG) Profile is a Document Content Profile that defines general purpose methods of digitally signing of documents for communication and persistence. Among other uses, these methods can be used within an IHE Document Sharing infrastructure (e.g., XDS, XCA, XDM, XDR, and MHD). There are three methods of digital signature defined here: Enveloping, Detached (manifest), and SubmissionSet.

  • An Enveloping Signature is a Digital Signature Document that contains both the signature block and the content that is signed. Access to the contained content is through removing the Enveloping - Digital Signature. Among other uses, this method should not be used with Document Sharing infrastructure.
  • A Detached Signature is a Digital Signature Document that contains a manifest that points at independently managed content. Detached signatures leave the signed document or documents in the original form. Among other uses, this method is recommended for use with a Document Sharing infrastructure to support Digital Signatures, as this method does not modify the original Document Content. This method uses the Document Sharing “SIGNS” relationship provide linkage.
  • A SubmissionSet Signature is a Detached Signature Document that attests to the content in a SubmissionSet by: containing a manifest of all the other Documents included in the SubmissionSet, and a reference to the SubmissionSet. The Document Sharing “SIGNS” relationship may be used but is not required.

Ink-on-paper signatures have been a part of the documentation process in health care and have traditionally been indicators of accountability. Reliable exchange and storage of electronic data between disparate systems requires a standard that implements equivalent non-repudiation to prevent document creators from denying authorship and rejecting responsibility.

Systems Affected

Systems involved in this profile are:

  • EHR, EMR, HIE, HIO


Specification

Profile Status: Trial Implementation

Documents:

  • Vol. 3 - Section 5.3


Underlying Standards:


See Also

Related Profiles

This page is based on the Profile Template