eHealth Card

1
eHealth Card

• Motivation
• Configuration
• Trays
• Universal ID
• Quantity structure
• Process of ePrescription
• Health Professional Card

2
eHealth Card
3
Motivation

• Improvement of the quality of health care, among
  other things pharmaceutical drug safety
• Improvement of patient-oriented services
• Improvement of personal responsibility,
  cooperation and activity of patients
• Improvement of cost effectiveness and
  transparency in health care
• Improvement of operating processes
• Supply of up to date statitical information
  concerning public health

http//www.die-gesundheitskarte.de/
http//www.worldcongress.com/events/NW615/presenta
tions/Harald20Flex20-20EHR20and20IT20Innovat
ion20Summit.pdf
4
Administrative Applicationsobligatory

• Specification of the state of insurance including
  extra payment
• Warranty to be treated in the foreign countries
  of Europe
• Paperless transmission of prescriptions

5
Medical Applicationsvoluntarily

• Documentation of taken drugs
• Emergency information (for example blood type,
  chronic disease, allergy, heart disease,
  dialysis, asthma)
• additional health information (for example
  current diagnoses, surgery, immunizations or
  X-ray examination )

6
Medical Applicationsvoluntarily

• Possibility to store electronic messages like
  discharge letter
• Receipt about medical treatment and their costs
  (in Germany the statutory health insurance covers
  the costs and the patient normally doesnt know
  the fee)
• Data provided from the patient (for example blood
  sugar level or Health Care Directive
  http//www.cmanet.org/publicdoc.cfm/7

7
configuration
8
configuration
9
configuration back side
10
ContentSegmentation in trays

• Tray for drugs all drugs of the patient
  including self-medication. Input by physician,
  pharmacist or clinician
• Emergency information (European emergency
  document of identification) Name, address,
  etc., medical data to the health status such as
  bloods type, allergies, chronic organ suffering,
  heart disease , asthma or diabetes

11
Content Segmentation in trays

• Additional Healthcards Additional information,
  special disease related information , for example
  OncoCard, DIABCARD, QuaSi-Niere, DENTcard,
  DEFICARD, immunisation card, x-ray card

12
Content Segmentation in trays

• Security tray (if desired, for example Viagra,
  Methadon, HIV-drugs)
• - only exceptional reading access
• - automatic test of interactions
• - in the case of yes, warning signal to the
  physician
• ePrescription
• replaces the paper as transportation medium,
  supports medical prescription with drug
  documentation and drug information

13
Content Segmentation in trays

• Electronical medical report transport of
  discharge letter, referral and hospitalisation,
  other reports. Data can be used without media
  discontinuity
• Pointer
• - Pointer to reports on special examination
  like X-ray examination

14
Content Segmentation in trays

• introspection / additional information
• tray for input by the patient, (card owner)
• chronic disease
• additional information for emergencies
• Health Care Directive
• organ donor
• implants
• Health insurance company
• Membership
• State of additional payment
• Warranty to be treated in the foreign countries
  of Europe

15
Universal Card

• The federal cabinet has decided that the eHealth
  card should be equipped with a digital signature.
  Then it can be used with e-Government
  applications like electronic tax computation,
  bank transfers or online-shopping

http//www.heise.de/newsticker/meldung/57276
16
http//www.telemed-berlin.de/telemed2005/programm.
html
17
(No Transcript)
18
(No Transcript)
19
Costs and Benefits

• 1,7 Billion costs for eHelth card
• 500 700 Million economy per year
• 10.000 to 30.000 dead persons per year caused by
  interactions of drugs

20
Medical datalegal constraints

• Mapping between data and persons is only allowed
  to authorized users (The system administrator is
  no authorized user)
• Tracing of data that allows conclusions
  concerning owner or content has to be avoided
• A central directory that allows combinations with
  other databases has to be avoided

21
ePrescriptionconstraints

• The prescription is a secret that is only known
  to
• Physician, Patient, Pharmacist
• The Prescription is fraud-resistant
• The Physician does not know the Pharmacist
• The Pharmacist does not know the Patient

22
Hybride ciphering

• Data are ciphered first with a symmetric session
  key.
• The session key is ciphered with the public key
  of the patient.
• To decipher, the patient first has to get the
  symmetric session key with his private key

23
Challenge - response

• A challenged or a mystery is stored with the data
  and only the owner can solve it.
• The challenge is a random number which is
  ciphered with the public key of the patient. Only
  he can solve it by deciphering it with his
  private key

24
ePrecription
Prescription
Session key
HPC Physician
Signature
Encrypted Prescription
Ticket
DatenID Session key
Secret S PukPat (S)
/ PukPat\
Ticket
eGK Patient
Ticket
Signature
DatenID
Signature
Session key
Prescription
25
Virtual file system

• How does an authorized person find his data?
• How can it be assured that a public / private key
  belongs to that person?
• How the data can be retrieved if the keys are
  changed?

26
Virtual file system

• Each object gets a unique object ID
• Each object gets a non ciphered parent ID
• Each object gets a ciphered child ID (ciphered
  with the public key of the patient)

27
Losing and theft
The data are stored in a file system, The Child
ID is ciphered with the public key of the patient
001 root PukPat(101) PukAlt(101)
002 101 ePrescription PukPat(102) PukAlt(102)
003 102 Prescription 15.9.06 PukPat(103) PukAlt(103)
004 102 Prescription 20.9.06 PukPat(104) PukAlt(104)
005 101 eHealth Record PukPat(105) PukAlt(105)
006 105 X-Ray Foot Left PukPat(106) PukAlt(106)
007 105 High blood pressure PukPat(107) PukAlt(107)
008 107 Diagnosis PukPat(108) PukAlt(108)
009 107 Plan for treatmaen PukPat(109) PukAlt(109)
Additionally the data can be linked with the
public key of an alternate eHealth card. When the
card is lost, the alternate eHealth card can be
used. When the card is stolen, the link of the
root is deleted.
28
Potential attacks against the data

• DataID is located on the eHealth Card
• DataID and random number are ciphered with the
  public key of the patient.
• Trial and error with all public keys of the 80
  million insured persons
• DataID and random number are ciphered with a
  second random number SeKT and stored as Hash
  value.

29
(No Transcript)
30
HPCSynonyme

• Health Professional Card
• Arztausweis
• elektronischer Heilberufsausweis
• Heilberufsausweis
• Heilberufskarte

31
Health Professional Card