e-health in Europe Georges Liberman, Ingenico
|
|
- Annis Watts
- 8 years ago
- Views:
Transcription
1 e-health in Europe At Ingenico, we bring the security layer between the patient, the doctor, and the health management system. This way healthcare systems become safer, more efficient, and provide a better service to all citizens. Georges Liberman, Ingenico This White paper has been produced by Ingenico Corporate Communication and Thierry Spanjaard, Smart Insights June 2012
2 Executive Summary Both governments and private stakeholders are in search of a better global efficiency in the way public healthcare policies are administered. This search for efficiency is triggered by citizen/customer demand, by the increasing cost of medical treatments, and the availability of information technologies. e-health, the application of IT for healthcare management, has demonstrated it can bring huge benefits in terms of making healthcare available to all citizens at the best cost. Most European governments invest in e-health to deliver more and more complex services, and, at the same time, to meet increasing demand. The first focus, as has been set up in Germany and France, is often to manage the financial flow associated with healthcare systems, and to ensure all stakeholders receive the amount they deserve and expect, and insurances and patients disburse their due. As national healthcare systems are extremely complex, each government has found means, generally involving smart cards, dedicated secure terminals and software, secure networks and databases to complete these tasks. Leveraging the experience from national implementations in pioneering countries, a new generation of services is now coming in Europe. These services include interoperable or shared electronic health records (EHR), in order to ensure a seamless but secure access to medical data, and e- Prescriptions, to dematerialize the prescription (with associated security), thus generating productivity benefits. European investment levels in e-health represent only 1% to 1.5% of total healthcare expenditure 1. These investments trigger huge productivity gains and savings, and generate a fast return on investment. The latest information technology is ready to trigger radical improvements in the way healthcare systems are run. Secure transactions technologies are at the core of e-health needs, and guarantee security, confidentiality and efficiency. 2
3 Table of Contents Executive Summary 2 Table of Contents 3 Introduction 4 1. Needs for a secure e-health system 5 2. Needs of stakeholders in a e-health system PATIENTS HEALTHCARE PROFESSIONALS HOSPITALS PUBLIC INSURANCE SYSTEMS PRIVATE INSURANCE COMPANIES PUBLIC AUTHORITIES SOCIETY NEEDS 8 3. e-health applications MEDICAL RECORDS e-prescription e-medical CLAIM FORM DRUGS MANAGEMENT Solutions 12 Conclusion 13 Annex: Examples of European e-health systems France STAKEHOLDERS FRENCH e-health SCHEME TECHNOLOGY ASPECTS German healthcare system STAKEHOLDERS TECHNOLOGY ASPECTS Other European healthcare systems GLOBAL APPROACH EXAMPLES OF OTHER HEALTHCARE SYSTEMS IN EUROPE 20 Appendix A: Sources 21 Appendix B: Table of Acronyms 22 3
4 Introduction Governments, and societies at large, have always been in demand of better healthcare for the population. This has been achieved by the developments and improvements of medicine. But, at the same time, the challenge is to bring the progress in medical care to all citizens. To achieve this, not only medicine is involved, but also the way it is managed. Managing healthcare at a national level means making decisions on medical as well as on administrative topics. The organization of healthcare services is a core competence of the government, which goes through the combination of medical choices, with technology related decisions, involving information technologies. cost optimization, leading to a globally better governance of the healthcare system. Citizens demand, especially in a global economic crisis period, lead decision makers in healthcare to investigate more efficient solutions to deliver the best level of medicine to the largest population at the best available cost. Technology, especially the secure transactions technology involved in health cards, readers, terminals, and digital signature processes, brings solutions to these needs. Thanks to secure transactions technologies, healthcare systems can be run more smoothly, and provide better services at a lower cost. Most European governments have set up combined systems of healthcare insurance, in which public compulsory health insurance coexists with private companies (which are optional most of the time). Globally, the European population is ageing, which translates into an increasing demand for healthcare, and an increased cost of treatment. On a global basis, many governments in Europe are transferring expenses from public insurance to private ones. The ongoing economic crisis leads both governments and private bodies to be in demand for better IT applied to healthcare services, or in short, e-health, needs a strong authentication of every stakeholder in the system, essentially patients and healthcare professionals. The core functionality of e-health is to support the financial aspects of healthcare and ensure treatment providers are paid, and patients are only spending what they are due to spend according to their insurance. Additionally, electronic health Records, e-prescriptions, telemedicine, and other new applications, are under development in order to improve the quality of care while reducing the cost of delivering healthcare services. 4
5 1. Needs for a secure e-health system Healthcare systems are established on a global basis. Societies, or in other terms, populations at large, are in demand of ever better healthcare systems, and at the same time through governments and public or private insurance, citizens expect healthcare costs to be kept within limits, and cost control to be enforced. altered or modified either by their originator, or by anyone else. To fulfill this objective, prescriptions or other medical decisions are to be signed, in order to ensure their integrity and non-repudiation. Transactions Bringing information technologies to healthcare systems encompasses a variety of applications, in tune with citizens needs, both on an individual basis and on society level. Information technologies increase the efficiency of administrative processes and optimize costs by rendering all information flows that were previously based on paper documents electronic. Confidentiality Healthcare deals with personal medical information, such as e-health records, diagnosis, results of medical checkups, etc. Patients want to ensure their medical records are kept confidential. They want to make sure they will have access to their own health records, and that only authorized healthcare professionals will have access to them. To ensure this, e- Health systems must take into account confidentiality needs. Identification/Authentication In addition, e-health systems need to provide identification or authentication of the patient, and authentication of everyone who has access to personal medical records. To achieve this goal e-health systems enable the identification and authentication of all users. Healthcare services are dealing with humans most valuable asset. Healthcare professionals are responsible for their therapeutic acts, such as specific examination, prescription, surgery, or even a simple injection. For this reason, an e- Health system must ensure the person responsible for a therapeutic act is authenticated. Signature Moreover, there is a need to ensure therapeutic acts are part of healthcare records, and once decided, cannot be Most of the time, an e-health system includes transactions. e-health transactions are not always financial transactions (such as bank card payments). For example, updating a health card is a transaction which requires a certain level of security, to ensure both integrity and confidentiality. Delivering and signing e-prescriptions is also a transaction. These services require a security layer between the various parts of the system (patients, professionals, institutions), which is achieved with a health card system and associated security layer infrastructure solutions (widely deployed). This infrastructure is comparable to the bank card electronic payment acceptance infrastructure. But to be efficient it has to comply with healthcare professionals and institutions constraints and habits. This has been proven in existing large-scale deployments. Considering these requirements, and with dematerialization as an objective, an e-health system must bring convenience for all its stakeholders, but also include security features. For this reason, e-health systems include security procedures commonly found in payment systems, or in company security systems. All these systems ensure: n Confidentiality, n Identification, n Authentication, n Digital signatures, n Transaction management. To ensure these objectives are fulfilled, national e-health systems very often use smart cards carrying the patient or healthcare professional identity, and achieve the security needs of e-health applications thanks to a dedicated security layer infrastructure. 5
6 2. Needs of stakeholders in an e-health system PATIENTS Typically patients demand the best healthcare service for a minimal cost (and a minimal involvement in administrative processes). For this reason, patients are happy to be given a health card that will guarantee them access to healthcare and manage administrative and payment/reimbursement aspects. Patients are generally happier to have their medical expenses paid directly by public and private insurances rather than to have to pay for medical expenses upfront, and later to be reimbursed. Various systems exist implementing both flows or a combination of them. If the patient has to pay upfront for medical acts to be reimbursed later, he needs to be given access to the current status of his reimbursement process, or more globally to his administrative records. As the card is used to carry patient rights, the healthcare IT infrastructure has to take into account card issuance along with options for the patient to read his card and to update it. The medical system has to include some medical data, and to ensure this access is kept confidential, i.e. reserved to the patient and authorized healthcare professionals. Patients must be given a means to access this medical data. To achieve this in a secure manner, the patient health card is used as an authentication means. The healthcare professional card is also used as an authentication means to give access to patient healthcare related data. In some cases, both the patient and the healthcare professional card could be combined to ensure only the healthcare professionals authorized by the patient have access to the data.
7 2.2. HEALTHCARE PROFESSIONALS Who are the healthcare professionals? Healthcare professionals is a denomination including many professionals who have different relations with patients. For instance, healthcare professionals include: n General practitioners, or family doctors, n Specialists, psychotherapists, n Doctors working in public hospitals, n Doctors working in private hospitals, n Pharmacists, n Nurses, n Midwives, n Other therapists, such as physiotherapists e-prescription In some cases, the GP s (General Practitioner) prescription can be dematerialized. In this case, the prescription given out by a GP is no longer on paper, but is either written on the patient card, or stored over a network (or in the cloud), and the patient card will be used as the secure key to gain access to it when the pharmacist delivers medicines. Making prescriptions electronic is a way to combat fraud; with an e-prescription, a patient cannot add a medicine to get it reimbursed! e-prescriptions also reduce errors with better information shared between professionals and can be combined with a server side process detecting interactions between several treatments delivered by various doctors Relation with administrative processes One way to view the healthcare professionals role is to say these professionals deliver care and treatments against payment. Depending on the system, either the healthcare professional is paid directly by the public or private insurance, or a combination of both, or the patient pays the healthcare professional directly, and later gets reimbursed by the public or private insurance, or a combination of both. Most healthcare professionals prefer to concentrate on delivering a treatment than on administrative chores and the administrative part of the system has to adapt to medical practice (and not the other way round). In other words, the technology has to interact seamlessly and effortlessly with medical practices. To perform these administrative tasks, healthcare professionals must get equipped with IT equipment (computers, healthcare card terminals, communication means, printers ), for which they often get subsidies from public institutions HOSPITALS Hospitals deliver a large part of healthcare services, and generally more complex and expensive services than general practitioners. A patient is registered when he enters the hospital under the administrative system, whether he uses his patient card or not. From this point, the hospital administrative data is managed on databases and traditional IT systems. Access to this data is restricted to the administrative personnel, thanks to regular company security systems. Last but not least, e-prescriptions enable institutions to better know which medicines are prescribed, thus improving the global system management Patient data confidentiality Healthcare professionals are especially sensitive to privacy. They need to ensure medical records are kept confidential, owned by the healthcare professional and the patient, and are not unwillingly or unwittingly shared with the healthcare insurances or third parties. At the same time, healthcare professionals often have to share data with their peers. For instance a GP often needs to share patient-related data with a specialist. The e-health system has to provide healthcare professionals with a means to securely share information. In this context, securely sharing information means the sender and the recipient need to be authenticated, and may have to exchange data in an encrypted manner. Typically a system based on public key cryptography (PKI or Public Key Infrastructure) with digital signatures is the commonly accepted solution to this requirement. Medical records are managed separately from administrative data for privacy and security reasons. In most cases, in hospitals, medical records are managed on databases using traditional IT systems. As medical records are especially sensitive, security procedures are in place to restrict access to this data. A healthcare professional card is used as a means to access e-medical records. In order to ensure data confidentiality and security, data communication is kept under close control. Data is generally encrypted, and signed, using the healthcare professional card as a signature and cryptographic keys container. 7
8 2.4. PUBLIC INSURANCE SYSTEMS In most European countries, governments, or other public or para-public organizations have set up public insurance systems. The goal of a public insurance system is to execute government policies. In other words, the public insurance system is in charge of managing the financial and administrative aspects of the system, aiming to monitor the delivery of the best possible healthcare services, for a given cost. Public insurance systems are thus in search of means to increase the efficiency of their administrative processes in a search of increased costeffectiveness. Public insurance systems aim at ensuring a smooth and efficient data flow to complete payments to all stakeholders. Public insurance systems are in charge of managing the relation with insured people, or in other words, all (or most) citizens, which generally takes the form either of a health card, or of an e-health application on an existing national ID card. Public insurance bodies are answerable to governments and in a more general sense to the citizens. For this reason, they have to demonstrate that they manage the healthcare organization efficiently and run a transparent and auditable system PRIVATE INSURANCE COMPANIES In most European countries, the public insurance system is complemented by private insurances that provide additional payment for healthcare services not covered by the public healthcare insurance system. Private insurance companies, whether they are mutual insurance companies or commercial insurance companies, have a cost-efficiency objective. For this reason, they are often considered as more cost-conscious than public organizations. The objective of private insurance companies, in their relations with all stakeholders involved in the healthcare system is to ensure easy and efficient interaction with patients, who are actually their customers. Private insurance companies have a permanent relationship with healthcare professionals and thus have to ensure this relation is managed in an efficient manner. In many cases, private insurance companies establish an affiliation program with a selection of healthcare professionals, directing patients to them, as a compensation for a limiting their pricing policies. As the healthcare system often involves a combination of public and private payment, private insurance companies have an established relationship with the public healthcare bodies PUBLIC AUTHORITIES 8 Public authorities, typically governments, ministries, or healthcare authorities under government control. Missions include: n Healthcare system organization and administration, n Definition of operational rules, in terms of processing, financing and security, n Fixing pricing policies and splitting costs incurred by the public and private insurances and by the patients themselves. As a consequence Healthcare Authorities have set up and are now enforcing dematerialization policies, fostering the replacement of an initially paper-based management 2.7. SOCIETY NEEDS Society at large requires an efficient, fair, healthcare system, accessible to all and at minimal cost. The system has to guarantee all citizens or at least all the beneficiaries of the health insurance have access to treatments. It also has to ensure all healthcare professionals are paid for their services in a timely manner. Finally, as most systems system, to a computerized connected system that ensures more efficient data flows and relations between all stakeholders. Dematerialization demonstrates its efficiency in terms of time and cost. For instance, in France, a few years ago, medical expenses were typically reimbursed by the healthcare insurance within three weeks, whereas the average lead time is now 3 to 5 days. The Cour des Comptes (French Court of Auditors) has established that the unit processing cost of a paper claim is EUR 1.74 whereas the unit processing cost of an electronic claim is just EUR include a public healthcare insurance, the system has to ensure funds are used in a fair, efficient and auditable manner. Society demands fairness in the use of the healthcare system. For instance in a family healthcare expenses must be reimbursed to the person who received a treatment and incurred the corresponding expenses.
9 3. e-health applications Healthcare is a national and in some countries a regional responsibility. Nevertheless, there is a need for cooperation between the European Commission and the Member States as well as among Member States 2 themselves. For this reason, European programs focus on establishing interoperability between national frameworks rather than on establishing a single way of managing healthcare that would not be acceptable by national authorities. The EU, through its e-health European Interoperability Framework, is building common objectives, practices and rules across healthcare systems of different countries in the EU. The goal of the e-health European Interoperability Framework would be to define and agree on a common set of standards (and relevant standardization bodies), profiles, testing tools and procedures, quality management system, certification scheme, roles, responsibilities and processes. 3 The expected results of this program are as follows 4 : Beneficiaries Anticipated benefits Member states EC Healthcare providers Will be guided (and this is one of their main requests) and coordinated in their efforts to build national and international interoperable e-health infrastructures Will have the rational arguments to be able to build a plan to massively deploy cross border e-health services in a sustainable way Will be able to provide cross-border care in the safest way EU citizens/patients 3.1. MEDICAL RECORDS Electronic Health Records (EHR) are defined as digitally stored healthcare information about an individual's lifetime with the purpose of supporting continuity of care, education and research, and ensuring confidentiality at all times 5. In other terms, EHRs are repositories of electronically maintained information about individuals lifetime health They will be able to fully enjoy the possibility of having a right to Healthcare outside their country of origin status and healthcare, stored in such a way that they can serve the multiple legitimate users of the records. The EHR should include information such as observations, laboratory tests, diagnostic imaging reports, treatments, therapies, drugs administered, patient identifying information, legal permissions and allergies. 9
10 10 Demand is clear to make EHRs interoperable across the European Union. Making EHRs interoperable will contribute to more effective and efficient patient care by facilitating the retrieval and processing of clinical information about a patient from different sites. Direct objectives of interoperable EHRs include: n Direct patient care, n Patient care management, n Patient care support processes, n Financial and other administrative processes, n Patient self-management e-prescription The e-health Initiative (EHI) defined electronic prescribing as the use of computing devices to enter, modify, review, and output or communicate drug prescriptions. e-prescribing systems should provide: n Computerized entry and management of prescriptions, n Knowledge support, with immediate access to information on medicines, n Decision support, aiding the choice of medicines and other therapies, with alerts such as drug interactions, n Support during administration, n Computerized links between hospital wards/departments and pharmacies, However, EHR data is stored in multiple locations in various proprietary formats through a multitude of medical information systems available on the market. To ensure more interoperability, and a better management of EHRs or at least of PHRs, the e-health system must provide the capability of preserving medical records, organizing them in a standardized EHR database, and at the same time providing all guarantees in terms of information security, and personal data protection. This can be achieved based on an authentication through the healthcare professional card and infrastructure, and access to data has to be authorized by the patient himself, generally thanks to the cryptographic functions in the patient card. n Ultimately, links to other elements of patients' individual care records, n Improvements in existing work processes, n Robust audit trails for the entire medicines use process 6. e-prescriptions application needs authentication and security throughout the e-health system. An e-prescription can only be created with the consent of the patient, or in other terms with the use of the patient card along with his authorization, through biometry or a PIN code. An e-prescription is generated by a healthcare professional, and kept secure thanks to the signature and cryptography functions contained in his card. e-health terminals allow the simultaneous presence of the healthcare professional card and the patient card.
11 3.3. e-medical CLAIM FORM Several e-health systems were originally developed to computerize claim forms, paper documents sent by patients to public and private insurances to be reimbursed for their medical expenses, and claims made by healthcare professionals to receive payment for the treatments they delivered. Now, medical claims have been converted into data on IT systems taking care of all the financial flows associated with healthcare systems DRUGS MANAGEMENT The EU Falsified Medicines Directive requires that medicines are traced at pack level, and not at batch level as before. For this reason, pack markings are evolving from 1D barcodes to 2D barcodes. The objective, also supported by the European Federation of Pharmaceutical Industries and Associations (EFPIA), is to secure the supply chain against counterfeit medicines by enabling medicine packs to be verified at the point of dispensing. Thanks to this evolution, pharmacists are able to implement a better traceability, even knowing which pack of medicine has been delivered to which patient. In hospitals, medicines are prepared individually for each patient, and a traceability system is implemented to guarantee the right drug is delivered to each patient. Advanced solutions are implemented with barcodes associated to each patient and to each drug container. At the time of delivery, a nurse scans both barcodes to confirm a dedicated medicine is delivered to the right patient. 11
12 4. Solutions Thanks to its multi-faceted experience in healthcare and in payments, Ingenico has already been involved in many aspects of e-health management. Thanks to its longstanding experience, Ingenico provides the appropriate security layer to support e-health applications. The company delivers solutions to support all needs in the e-health area, including: n e-medical claims forms management, n e-medical records security, n e-prescriptions, n Health card management n Drugs management, n And more Ingenico has been actively involved in French and German e-health programs among others. This makes Ingenico one of the most knowledgeable companies for all needs relating to e-health management and the worldwide leader for e-health security layer infrastructure solutions. 12
13 CONCLUSION All European governments are now convinced of the need to invest in e-health to ensure the best possible delivery of healthcare services to citizens at the best cost. In addition, private stakeholders such as insurance companies and healthcare professionals are in search of productivity improvements. Healthcare systems are inherently complex, due to the multiplicity of situations and the high number of stakeholders. France and Germany were first to widely develop their systems on a large scale, based on secure transactions technologies, and primarily focusing on the management of the financial flows associated with healthcare through electronic claims. This need has led to issuing patient cards and healthcare professional cards, which in turn, led to the need for dedicated e-health terminals and solutions. The terminals industry is playing a central role in providing the security layer needed for e-health applications and in developing readers and terminals, especially dedicated to e-health applications, and best suited to all stakeholders needs. These e-health terminals comply with the specific requirements of each function and provide the needed security to ensure a seamless integration in the workflows while at the same time guaranteeing security and data confidentiality. The complexity of e-health solutions is increasing as new applications are developed: Electronic Health Records, e-prescriptions, drugs management and more. e-health solutions are now expanding all over Europe for the benefit of citizens and the European Union is playing its role in ensuring healthcare systems remain consistent with each other, and European citizens benefit from healthcare services wherever they are in the EU. 13
14 Annexe: Examples of European e-health systems 1. France France has been running its SESAM-Vitale program for years. It uses new technologies to simplify and accelerate exchanges, thereby doing away with any paperwork 7. Widely deployed as of 1998, SESAM-Vitale currently links more than 300,000 healthcare professionals and processes around 1 billion electronic claim forms for reimbursement per year STAKEHOLDERS GIE SESAM-Vitale and ASIP-Santé The Groupement d Intérêt Economique SESAM-Vitale (Economic Interest Group) is a service provider whose missions are the technical expertise, the development and the promotion of the SESAM-Vitale program. The GIE SESAM-Vitale was created by the partners of the French Health Insurance to develop common solutions to meet the needs of all its members, whether they are part of the compulsory systems or the complementary insurance organizations. ASIP-Santé, (Agence des Systèmes d Information Partagés de la Santé Agency for Shared IT Systems), is in charge of the daily oversight and steering of e-health implementation activities Public health insurance In France, health insurance is a branch of the Social Security system. It is funded by workers salaries (60% of the fund), by indirect taxes on alcohol and tobacco and by direct contribution paid by all revenue proportional to income, including retirement pensions and capital revenues 8. The Caisse Nationale d Assurance Maladie- Travailleurs Salariés (CNAM-TS National Health Insurance) is in charge of the management of the general scheme of health insurance. Its action is based on three fundamental principles: solidarity, equality of access to treatments and quality of treatment. The global objective of the CNAM-TS is to balance its accounts, thus it engages in cost reduction actions. In order to achieve its objectives, the government and the CNAM-TS, impose healthcare professionals pricing policy, and trigger more efficient and secure processes thanks to information technology. Also, to contribute to the reduction of healthcare costs, public and private insurance inform patients about the actual cost of their treatments Mutual and private health insurances More than 80% of French people have supplemental insurance, often provided by their employers. The poorest have free universal healthcare, which is financed by taxes 9. There are over 600 mutual and private insurance companies involved in health insurance. Mutual and private insurance companies deliver to the patient a complementary payment for medical treatments, which comes in addition to the payment from the public health insurance. Insurance companies objectives is either to balance their accounts, or to generate profits. For this reason, they play a role in pushing for efficient, IT-based administrative processes. They also tend to have a balanced relationship with healthcare professionals, offering them an influx of patients against a limitation of their pricing policies.
15 Healthcare professionals Healthcare professionals are represented through Orders, such as the Ordre National des Médecins (National Order of Doctors), Ordre National des Pharmaciens (National Order of Pharmacists) and others. The Orders represent healthcare professionals in their negotiations with other stakeholders, and take responsibility in the implementation of some projects Patients Patients are free to choose which healthcare professional they want to deal with, they also choose their mutual or private insurance. Even in this complex environment, patients demand the best combination between quality of treatment and cost. Healthcare professionals benefit from subsidies to support their equipment cost for e-health terminals FRENCH e-health SCHEME Source: Information GIE SESAM-Vitale/infographie Ingenico SESAM-Vitale Scheme Deployed as of 1998, SESAM-Vitale currently links more than 300,000 healthcare professionals with the Health Insurance System, for the benefit of millions of insured persons who have the Vitale card. The SESAM-Vitale system transmits around 100 million electronic claims per month. It has been assessed that the cost of an electronically transmitted claim is EUR 0.27, whereas the cost of processing a paper claim is EUR
16 Source: Information GIE SESAM-Vitale/infographie Ingenico Healthcare professional card The CPS (Carte de Professionnel de Santé Healthcare Professional Card) is a microprocessor card. The CPS functionalities include identification, authentication and electronic signature of healthcare professionals 10. The CPS contains information about the identity of the healthcare professional, his qualification, his various abilities and roles. Additionally, the CPS contains certificates, which constitute the healthcare professional s dematerialized identity proof and is certified by the ASIP Santé (Agence des Systèmes d Information Partagés de la Santé Agency for Shared IT Systems). These certificates are used as a confidence token, for applications that involve confidential medical data. Certificates allow: n Identification of the healthcare professional, i.e. unequivocally recognizing his person and qualifications, n Authentication, i.e. recognition of his identity, n Electronic signature of documents or medical acts, allowing the cardholder to commit on the content of a document, and to guarantee its integrity, n Encryption of exchanged data, so that only the recipient can read them. Information are exchanged in a way that prevents reading and interception by a third party. Encryption certificates are used as part of security procedures. Tools to ensure confidentiality thanks to data ciphering. The CPS is currently evolving towards a new version called CPS V3. The new card will have all the functionalities of the current one and additionally: n Facilitate its deployment and integration in existing solutions thanks to support of new industrial standards (CPS V3 supports IAS standard), n Support contactless technology in order to allow development and deployment of adapted software Patient card The SESAM-Vitale system uses a microprocessor card (carte Vitale), which contains health insurance data for the insured person and their beneficiaries (e.g. children). The Vitale card is currently being replaced by a new one, the Vitale 2 card.
17 Personal medical record The DMP (Dossier Medical Personnel personal medical record) is an electronic secure personal medical record. It is accessible over the internet. The DMP includes a set of services that allow the patient and authorized healthcare professionals to share, in an electronic manner, anywhere and at any time, medical data that can be used for the coordination of medical treatments. The DMP may contain information such as medical history, allergies, previous medicine prescriptions, hospital care reports and results of medical examinations. According to the law, each insured citizen may have a DMP. However, it is not mandatory, and having a DMP is the patient s decision. The patient keeps control over his DMP: he authorizes access to healthcare professionals to his DMP. The patient has the possibility to close, delete, some or all document included in the DMP, or to hide some medical record. The DMP is both personal and shared, which conforms with patients rights, which pose as principle information, approval and confidentiality. The DMP is strictly reserved to the patient and authorized healthcare professionals. DMP access is prohibited for occupational health doctors, employers, insurances, banks The DMP keeps records of all access to each file. For the time being, DMP access by the patient is secured by a unique health identifier (different from the usual identifier used for health related administrative purposes) along with a password e-prescription An eprescription service, under the aegis of the French Order of Pharmacists is already running across the country. The pharmaceutical care record contains all information related to the issuing and consumption of pharmaceuticals to a patient and will eventually feed its information into the medication section of the DMP. As of June 2010, 8.5 million pharmaceutical records have been created across pharmacies in France TECHNOLOGY ASPECTS Healthcare professional cards Every healthcare professional is issued a CPS card (Carte de Professionel de Santé Healthcare Professional Card). These cards support authentication, signature and cryptography functions. They are used in a dual-slot e-health terminal to sign e-medical claim form combined with the patient/ Vitale card. The card is involved in the process of creating the FSE (Feuille de Soins Electronique Electronic Claim) used to transmit claims to the public health insurance and of the DRE (Demandes de Remboursement Electroniques Electronic reimbursement demand) used to transmit claims to the mutual or private insurance companies Terminals Patient cards The first version of Vitale was a smart card, based on a proprietary operating system, with an identification number, identity of the cardholder, the level of insurance and associated beneficiaries (children). Since 2007, cards in issue are called Vitale 2 with the following characteristics: n The card includes a new generation microprocessor enabling advanced cryptography, n The card is compliant with the IAS (Identification, Authentication and Signature) European standard, n The card is certified Common Criteria EAL4+, to guarantee its high level of security, n Identification number, name and a photo of the cardholder are printed on the card. Thanks to additional security elements in Vitale 2, compared with Vitale 1, a better patient identification and authentication can be performed. Countertop terminals are used by pharmacies, private healthcare professionals and hospitals. They are equipped with two or three card slots, and connect to a workstation via a USB port. Mobile terminals are used primarily by private nurses and doctors visiting patients at home. They have to be light and easy to use, with two or three card slots too. Portable terminals are powered by rechargeable batteries. There are also self service solutions (a kind of lightweight kiosk) used by patients to securely update their Vitale card. Self service solutions are autonomous terminals (with wired or wireless IP connection). They are equipped with a graphical display, for user convenience. In order to ensure a secure access to workstations and networks, hospitals need desktop readers: desktop readers are contact and/or contactless smart card readers, connected through USB to a workstation, enabling healthcare professionals to access to a workstation and to the hospital network relying on their card security. 17
18 2. German healthcare system Efforts at introducing an Electronic Health Record and other e-health services have a long history in Germany. The first version was the KVK (Krankenversichertenkarte health insurance card), launched in Due to the fact the KVK did not bear any picture of the cardholder, and its content was just plain memory without security, it had to be replaced by a more secure and efficient system. It is now replaced by a full ecosystem, centered around the egk (elektronische Gesundheitskarte Electronic Health Card), which brings security as well as additional functionalities STAKEHOLDERS Federal government The German Federal Parliament, the Federal Government through the Ministry of Health (Bundesgesundheitsminis - terium), and more globally federal institutions, are in charge of the legislative framework for the healthcare system. Germany is a federal state with three major levels of government: the Federation (Bund), 16 States (La nder), and several hundreds of local governments (municipalities and counties). A fundamental characteristic of the German political system in general and the health care system in particular is the sharing of decision-making powers between the La nder and the federal government 12. The Federal Ministry of Health stated it position in a paper entitled The German e-health Strategy. The document describes the target of the strategy as follows: The healthcare system in Germany is a system with a pressing demand for intensive communication between the different actors with the aim of achieving better collaboration and thus numerous positive results for the health of the citizens, the healthcare system and the State s economic situation Health insurances There are around 140 health insurance companies, all of them are public organizations. Healthcare insurances are supported by the governmentmanaged Gesundheitsfond (Healthcare fund), which collects payments from employers and employees, in addition to a direct tax-financed subsidy from the federal government. Then the fund distributes its income to the various public health insurance companies according to the morbidity structure of their insured. All healthcare insurances deliver the same service to patients, in terms of bearing the cost of treatments. However, some of them differentiate by choosing to support alternative types of care, such as acupuncture gematik Established in 2005, gematik, originally Gesellschaft fu r Telematik (Company for telematics) is a common structure owned 50% by healthcare providers (doctors, pharmacists, hospitals ) and 50% by payers (Statutory Health Insurance Funds Association and the Association of Private Health Insurance). Gematik is under the legal supervision of the Federal Ministry of Health. gematik performs various tasks in the implementation of the health card and telematics infrastructure. gematik focuses on three core competencies: designing, permitting and operational responsibility. The focus of the work is always the interest of the patient in terms of data protection and informational self-determination of the insured. gematik role is to: n Establish the technical specification of the required data formats, services and components for the telematics infrastructure, n Organize testing and certification of services and components (provided or supplied via the industry), n Operate part of the telematics infrastructure. Tests are run according to gematik specifications by private laboratories under the supervision of the BSI (Bundesamt fur Sicherheit in der Informationstechnik Federal Office for Information Security).
19 2.2. TECHNOLOGY ASPECTS The German government is introducing electronic Health Cards (electronische Gesundheits-karte or egk) for all insured citizens. The electronic chip in these smart cards contains personal data, insurance details and medical history records. German health insurance companies issue electronic Health Cards (egk) to patients insured by them. The card is used by the cardholders, when they use health care services, which are covered by the insurance. A picture of the patient is printed on the card in order to support identification 14. The ehc contains data for: n Cardholder identification, n Contractual and financial information to be exchanged between cardholder and healthcare provider and/or the health insurance company, n Medical data, including electronic prescriptions, if the application is available and if the cardholder requires so, n Optionally, an emergency data set that can be read offline. The chip, thanks to its cryptographic capabilities contains all these data in a secure manner. In addition, the chip store cryptographic keys that are used to ensure the authenticity of the card, and the readers it may meet. These keys are also used for data encryption. The back side of the egk features European Health Insurance Card (EHIC) data Terminal for health cards The specification of the egk drives the terminal functionalities 16 : n When a patient card is used by a healthcare professional, there must be a mutual authentication between the ehc and a Health Professional card (HPC) or a security module card (SMC), n When a patient card is used by the patient himself (e.g. for online update of contract data in the card), there must be a Mutual Authentication between the ehc and a security device, n Cardholder is to be identified by use of one of two PINs, called PIN.CH and PIN.home (which of these PINs is relevant depends on the service the cardholder wants to use). Healthcare dedicated terminals must have a physical security protection, and be protected against drilling. They enclose several security modules, used for the various secure functions of healthcare applications. Most terminals support TCP/IP, and are also able to switch to PSTN for data transmission, which is encrypted in SSL mode. Terminals are equipped with a Pinpad and a display, and generally do not include a printer. All terminals have to be approved by gematik. 19
20 3. Other European healthcare systems 3.1. GLOBAL APPROACH Under a global European approach, governments are inclined to use a smart card to allow patients to make use of their health insurance rights when visiting a healthcare professional. However, even if the German and French examples use a dedicated card, the current trend, in several countries, is to consider the healthcare project as an extension of a national electronic ID card. In some cases, the healthcare card has been used as the starting point for the definition of a national ID card, or an e-id card, used online to access government services. Besides being a credential for citizens to justify their rights and to obtain a treatment, several applications are added on e-health schemes: n e-prescriptions, n Secure messaging, allowing a secure data communication between healthcare professionals, n Telemedicine EXAMPLES OF OTHER HEALTHCARE SYSTEMS IN EUROPE Austria Belgium The Austrian healthcare system is characterized by the federalist structure of the country, the delegation of competencies to self-governing stakeholders in the social insurance system as well as by cross-stakeholder structures at federal and La nder level which possess competencies in cooperative planning, coordination and financing. According to the Federal Constitution, almost all areas of the healthcare system are primarily the regulatory responsibility of the federal government. The most important exception is the hospital sector: in this area, the federal government is only responsible for enacting basic law; legislation on implementation and enforcement is the responsibility of the nine La nder 17. At the national level, Austria is in the process of developing an electronic health record: ELGA (Elektronische Gesundheit - sakte). The electronic health card (e-card) is the central key to the benefits of the Austrian social health insurance system. More than 8.6 million ecards have been issued and about contractual partners accept the card 18. Belgium has a healthcare system based on a compulsory social health insurance model. Healthcare is publicly funded and mainly privately provided. Patients have free choice of provider, hospital and sickness fund. The Federal Government regulates and supervises all sectors of the social security system, including health insurance. However, responsibility for almost all preventive care and health promotion has been transferred to the communities and regions 19. A fixed annual budget for compulsory health insurance and sectoral target budgets are set at federal and community level. The Belgian healthcare system provides comprehensive healthcare to almost all the population while maintaining a wide degree of choice for the insured and the providers. The health card has been in use since It will now be phased out, and social security and health insurance status verification will be offered through the e-health-platform as a value added web service, using the National eid card as access key providing identification and authentication. All functionalities related to the SIS card will become integrated into the eid. 20
21 Slovenia Slovenia maintains a Bismarck-type healthcare system, which was introduced for workers as an extension of a compulsory accident insurance system in The 1992 law laid the basis for a centralized compulsory health insurance system to be administered by the HIIS. By statute, the HIIS is the sole provider of compulsory insurance. The HIIS operates autonomously and is governed by elected representatives of employers and the insured 20. Appendix A: Sources 1. EHR Impact About ehealth ERA Interoperability Solutions for European Public Administration ehealthe-health European Interoperability Framework Interoperability Solutions for European Public Administration ehealthe-health European Interoperability Framework Author: Ilias Iakovidis, Deputy Head of the ICT for Health Unit, European Commission 6. HER Impact SESAM Vitale About ehealth ERA About ehealth ERA About ehealth ERA About ehealth ERA About ehealth ERA About ehealth ERA Common criteria portal gematik - %20EHR%20and%20IT%20Innovation%20Summit.pdf 16. Common criteria portal About ehealth ERA About ehealth ERA About ehealth ERA About ehealth ERA
SOLUTIONS FOR HEALTHCARE PROFESSIONALS AND GOVERNMENTS
SOLUTIONS FOR HEALTHCARE PROFESSIONALS AND GOVERNMENTS The number of people in need of medical care in the world is continuously increasing, as evidenced by the evolving demographic outlook in both developed
More informationWritten Contribution of the National Association of Statutory Health Insurance Funds of 16.11.2015
Written Contribution of the National Association of Statutory Health Insurance Funds of 16.11.2015 to the Public Consultation of the European Commission on Standards in the Digital : setting priorities
More informationSiemens Roadmap to ehealth
Siemens Roadmap to ehealth 4. th. ehealth national conference, Sofia Michael Gorgi June 26 th., 2007 Siemens Bulgaria Agenda ehealth? Evolution of ehealth Systems Siemens & ehealth Page 2 June 2007 Siemens
More informationElectronic medical records
Electronic medical records Country: France Partner Institute: Institut de Recherche et Documentation en Economie de la Santé (IRDES), Paris Survey no: (8)2006 Author(s): Chantal Cases, Philippe Le Fur
More informationTable of Contents. Page 1
Table of Contents Executive Summary... 2 1 CPSA Interests and Roles in ehealth... 4 1.1 CPSA Endorsement of ehealth... 4 1.2 CPSA Vision for ehealth... 5 1.3 Dependencies... 5 2 ehealth Policies and Trends...
More informationSmart Cards for Future Healthcare Systems. Secure, efficient, reliable
Smart Cards for Future Healthcare Systems Secure, efficient, reliable Card-based e-health networks: cutting costs and improving care All around the world, newspaper headlines warn about the exploding costs
More informationSmart Open Services for European Patients Open ehealth initiative for a European large scale pilot of patient summary and electronic prescription
Smart Open Services for European Patients Open ehealth initiative for a European large scale pilot of patient summary and electronic prescription Deliverable: Work Package Document WP3.7 D.3.7.2. FINAL
More informationEUROPEAN UNION OF GENERAL PRACTITIONERS/FAMILY PHYSICIANS UNION EUROPEENNE DES MEDECINS OMNIPRATICIENS/MEDECINS DE FAMILLE
EUROPEAN UNION OF GENERAL PRACTITIONERS/FAMILY PHYSICIANS UNION EUROPEENNE DES MEDECINS OMNIPRATICIENS/MEDECINS DE FAMILLE PRESIDENT: Dr. Ferenc Hajnal (Hungary) Dr. Eirik Bø Larsen (Norway) Dr. Francisco
More informationPolicy on the Appropriate Use of Telemedicine Technologies in the Practice of Medicine
Background and Introduction The Vermont Board of Medical Practice (the Board) is committed to protecting the public and to assisting its licensees to meet their professional obligations by providing quality
More informationQuestions & Answers. on e-cohesion Policy in European Territorial Cooperation Programmes. (Updated version, May 2013)
Questions & Answers on e-cohesion Policy in European Territorial Cooperation Programmes (Updated version, May 2013) This fact sheet was drafted jointly by INTERACT and European Commission (DG Regional
More informationEstate Planning and Patients' Rights in Cross-Border Healthcare
Directive 2011/24/EU on the application of patients rights in cross-border healthcare EPF for a patient-centred implementation Introduction These recommendations have been developed by the European Patients
More informationGreek ehealth Strategy under public consultation
Greek ehealth Strategy under public consultation Mina Boubaki Ministry of Health, IT Department ehealth Network, ehealth Forum Recent relevant Reforms Law 3892/2010 Electronic Recording of Prescription
More informationOpinion and recommendations on challenges raised by biometric developments
Opinion and recommendations on challenges raised by biometric developments Position paper for the Science and Technology Committee (House of Commons) Participation to the inquiry on Current and future
More informationInformation Governance and Management Standards for the Health Identifiers Operator in Ireland
Information Governance and Management Standards for the Health Identifiers Operator in Ireland 30 July 2015 About the The (the Authority or HIQA) is the independent Authority established to drive high
More informationOverview of the national laws on electronic health records in the EU Member States National Report for Lithuania
Overview of the national laws on electronic health records in the EU Member States and their interaction with the provision of cross-border ehealth services Contract 2013 63 02 Overview of the national
More informationCOMMISSION OF THE EUROPEAN COMMUNITIES
EN EN EN COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 28.11.2008 COM(2008) 798 final COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE
More informationIntroduction. Fields marked with * are mandatory.
Questionnaires on introducing the European Professional Card for nurses, doctors, pharmacists, physiotherapists, engineers, mountain guides and estate agents(to competent authorities and other interested
More informationOracle WebCenter Content
Oracle WebCenter Content 21 CFR Part 11 Certification Kim Hutchings US Data Management Phone: 888-231-0816 Email: khutchings@usdatamanagement.com Introduction In May 2011, US Data Management (USDM) was
More informationEnabling Integrated Care
Enabling Integrated Care Harnessing personal health systems for better outcomes across the care continuum Briefing Note for a SmartPersonalHealth Workshop WoHIT, Thursday 18 March 2010, 13:00-17:00, Barcelona
More information5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES
5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES 5 FAM 141 PURPOSE (CT-IM-112; 07-30-2010) (Office of Origin: IRM/OPS/ITI/SI/IIB) The purpose of this FAM chapter is to enable the Department to
More information4 PAYMENT CARD SECURITY IN THE CONTEXT OF EUROPEAN HARMONISATION
4 PAYMENT CARD SECURITY IN THE CONTEXT OF EUROPEAN HARMONISATION The Observatory for Payment Cards Security took note of the development in 2005 of two proposals for harmonising card payments in Europe.
More informationPreventing fraud in epassports and eids
Preventing fraud in epassports and eids Security protocols for today and tomorrow by Markus Mösenbacher, NXP Machine-readable passports have been a reality since the 1980s, but it wasn't until after 2001,
More informationUnder European law teleradiology is both a health service and an information society service.
ESR statement on the European Commission Staff Working Document on the applicability of the existing EU legal framework to telemedicine services (SWD 2012/413). The European Society of Radiology (ESR)
More informationHow To Get Smart Cards From Atos
secure authentication and trusted identity delivering assurance and efficiency to every sector with CardOS Smart Card Solutions Your business technologists. Powering progress Delivering certainty through
More informationPosition Paper European Citizen Card: One Pillar of Interoperable eid Success
Position Paper European Citizen Card: One Pillar of Interoperable eid Success October 2008 Disclaimer Eurosmart takes reasonable measures to ensure the quality of the information contained in this document.
More informationeidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke
eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke Agenda eidas Regulation TR-03110 V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas
More informationCard enabled e-health network How to improve healthcare
Card enabled e-health network How to improve healthcare Dr. Elmar Fassbinder Patrick Melioris Bratislava, 25. Sept. 2008 Page 1 Agenda 1) The Vicious Circle in health care 2) Card enabled e-health Network
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationWhite Paper. From Policy to Practice: A Practical Guide to Implementing HIPAA Security Safeguards
From Policy to Practice: A Practical Guide to Implementing HIPAA Security Safeguards Abstract HIPAA requires a number of administrative, technical, and physical safeguards to protect patient information
More informationCompliance Response Edition 07/2009. SIMATIC WinCC V7.0 Compliance Response Electronic Records / Electronic Signatures. simatic wincc DOKUMENTATION
Compliance Response Edition 07/2009 SIMATIC WinCC V7.0 Compliance Response Electronic Records / Electronic Signatures simatic wincc DOKUMENTATION Compliance Response Electronic Records / Electronic Signatures
More informationCentral Agency for Information Technology
Central Agency for Information Technology Kuwait National IT Governance Framework Information Security Agenda 1 Manage security policy 2 Information security management system procedure Agenda 3 Manage
More informationElectronic records and electronic signatures in the regulated environment of the pharmaceutical and medical device industries
White Paper No 01 I December 2010 Implementation of 21 CFR Part 11 in the epmotion Software Electronic records and electronic signatures in the regulated environment of the pharmaceutical and medical device
More informationHealthcare Information Technology Infrastructures in Turkey
Healthcare Information Technology Infrastructures in Turkey G O KC E B. L A L EC I E RTURKMEN S R D C LT D BASED O N IMIA 2 0 1 4 YEA R B O O K E D I T I ON A RTICLE BY A. D O G AC 1, M. YUKSEL 1, G. L.
More informationWhy Use Electronic Transactions Instead of Paper? Electronic Signatures, Identity Credentialing, Digital Timestamps and Content Authentication
Why Use Electronic Transactions Instead of Paper? Electronic Signatures, Identity Credentialing, Digital Timestamps and Content Authentication Introduction By allowing the exchange of information more
More informationCellular Wireless technology: Creating a link between people and the healthcare community
Cellular Wireless technology: Creating a link between people and the healthcare community Introduction Demands on health-care systems worldwide have increased to the point where the delivery and cost of
More informationIHE Implementation Case Study: French Electronic Health Record Program
IHE Implementation Case Study: French Electronic Health Record Program Project Name French Electronic Health Record (DMP system-dossier Médical Personnel) developed, implemented and rolled out by ASIP
More informationETSI TR 102 071 V1.2.1 (2002-10)
TR 102 071 V1.2.1 (2002-10) Technical Report Mobile Commerce (M-COMM); Requirements for Payment Methods for Mobile Commerce 2 TR 102 071 V1.2.1 (2002-10) Reference RTR/M-COMM-007 Keywords commerce, mobile,
More informationElectronic Payment Schemes Guidelines
BANK OF TANZANIA Electronic Payment Schemes Guidelines Bank of Tanzania May 2007 Bank of Tanzania- Electronic Payment Schemes and Products Guidleness page 1 Bank of Tanzania, 10 Mirambo Street, Dar es
More informationCOCIR contribution to the public consultation on Personal Data Protection in the EU 1
COCIR contribution to the public consultation on Personal Data Protection in the EU 1 European Coordination Committee of the Radiological, Electromedical and Healthcare IT Industry Bd. A. Reyers 80, 1030
More informationFebruary 2015. Are You Ready for E-invoicing?
February 2015 Are You Ready for E-invoicing? CONTENT Introduction... 3 1. SME Pain Points...4 2. E-invoicing Market... 5 2.1 European e-invoicing market...5 2.2 U.S. e-invoicing market... 6 3. E-invoicing
More informationElectronic Signature Guidance
National Council for Prescription Drug Programs White Paper Electronic Signature Guidance Version 1.0 February 2014 This document provides clarification and guidance to the industry for the use of electronic
More informationFull Compliance Contents
Full Compliance for and EU Annex 11 With the regulation support of Contents 1. Introduction 2 2. The regulations 2 3. FDA 3 Subpart B Electronic records 3 Subpart C Electronic Signatures 9 4. EU GMP Annex
More informationehealth Interoperability Lab
MOTION Modeling and Testing for System and Service Solutions ehealth Interoperability Lab The Intelligent Medical Technology for Tomorrow » The key problem of ehealth is lack of interoperability. Systems
More informationMeeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)
Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Executive Summary...3 Background...4 Internet Growth in the Pharmaceutical Industries...4 The Need for Security...4
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationCOMMISSION DECISION. of XXX
EUROPEAN COMMISSION Brussels, XXX [ ](2014) XXX draft COMMISSION DECISION of XXX authorising the use of reimbursement on the basis of unit costs for actions requiring the conduct of clinical studies under
More informationCERTIMETIERSARTISANAT and C@RTEUROPE ELECTRONIC SIGNATURE SERVICE SUBSCRIPTION CONTRACT SPECIFIC TERMS AND CONDITIONS
CERTIMETIERSARTISANAT and C@RTEUROPE ELECTRONIC SIGNATURE SERVICE SUBSCRIPTION CONTRACT SPECIFIC TERMS AND CONDITIONS Please fill in the form using BLOCK CAPITALS. All fields are mandatory. 1 1. SUBSCRIBER
More informationElectronic Prescription Service. Guidance for community pharmacy contractors on implementing Release 1
Electronic Prescription Service The Electronic Prescription Service Guidance for community pharmacy contractors on implementing Release 1 Contents With about 1.3 million prescriptions now being issued
More informationResponse of the German Medical Association
Response of the German Medical Association To the Green Paper on mobile Health ( mhealth ) of the European Commission Berlin, 3 July 2014 Bundesärztekammer Herbert-Lewin-Platz 1 10623 Berlin We are grateful
More informationThe ELGA initiative: A plan for implementing a nationwide electronic health records system in Austria
The ELGA initiative: A plan for implementing a nationwide electronic health records system in Austria Georg Duftschmid, Wolfgang Dorda, Walter Gall Core Unit of Medical Statistics and Informatics Section
More informationHealthcare Coalition on Data Protection
Healthcare Coalition on Data Protection Recommendations and joint statement supporting citizens interests in the benefits of data driven healthcare in a secure environment Representing leading actors in
More informationEHR Glossary of Terms
EHR Glossary of Terms American Recovery and Reinvestment Act of 2009 (ARRA): budget bill enacted by Congress and signed by President Obama on February 17, 2009 that was designed to provide an economic
More informationBoard votes to establish standards for physicians who use telemedicine
STATE OF IOWA TERRY BRANSTAD, GOVERNOR KIM REYNOLDS, LT. GOVERNOR IOW A BO ARD OF MEDICINE MARK BOW DEN, E XECUTIVE DIRECTO R FOR IMMEDIATE RELEASE: October 10, 2014 CONTACT: Mark Bowden, ( 515) 242-3268
More informationNational Deployment Committee Activity Report
National Deployment Committee Activity Report Nation / Region Name: IHE Austria Deployment Committee Report Date Activity Report Issued: April 26 th, 2012 Mission of the National / Regional IHE initiative
More informationBrainloop Cloud Security
Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating
More informationComments on the 21 st Century Cures: Digital Health Care
Comments on the 21 st Century Cures: Digital Health Care July 22, 2014 The Pharmaceutical Research and Manufacturers of America (PhRMA) appreciates the opportunity to provide input to the House Energy
More informationElectronic Prescribing of Controlled Substances: Establishing a Secure, Auditable Chain of Trust
Electronic Prescribing of Controlled Substances: Establishing a Secure, Auditable Chain of Trust Imprivata Confirm ID and the DEA Interim Final Rule on EPCS Technology requirements to comply with the DEA
More informationNotice of Hearing. The rule may be reviewed at http://dsps.wi.gov/boards-councils/rulemaking/public- HearingComments/.
Notice of Hearing The Medical Examining Board announces that it will hold a public hearing on a permanent rule to create Chapter Med 24 relating to telemedicine at the time and place shown below. Hearing
More informationCard Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006
Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates September 2006 Copyright 2006 Entrust. All rights reserved. www.entrust.com Entrust is a registered trademark
More informationHow much do you pay for your PKI solution?
Information Paper Understand the total cost of your PKI How much do you pay for your PKI? A closer look into the real costs associated with building and running your own Public Key Infrastructure and 3SKey.
More informationThe future of (e)health in European Regions: A view by the Acting EU-Presidency
1 Directorate-General for the Organization of Health Care Institutions The future of (e)health in European Regions: A view by the Acting EU-Presidency EHTEL 2010 SYMPOSIUM 23 November 2010 Luc Nicolas
More informationΑthina Triantafyllidi, Director IDIKA S.A
Αthina Triantafyllidi, Director IDIKA S.A The Greek eprescription System is a nationwide widespread web based application for the creation, transmission, dispensing and monitoring of medicine prescriptions
More informationNew rule sets standards of practice for physicians who use telemedicine
STATE OF IOWA TERRY BRANSTAD, GOVERNOR KIM REYNOLDS, LT. GOVERNOR IOW A BO ARD OF MEDICINE MARK BOW DEN, E XECUTIVE DIRECTO R FOR IMMEDIATE RELEASE: June 3, 2015 CONTACT: Mark Bowden, (515) 242-3268 or
More informationConcerning: Norwegian Nurses Organisation s input to the Green Paper on Modernising the Professional Qualifications Directive
European Commission Directorate General Internal Market and Services Oslo, August 26th 2011 Concerning: Norwegian Nurses Organisation s input to the Green Paper on Modernising the Professional Qualifications
More informationSecurity Audit VIS Central System. Summary Report
Security Audit VIS Central System Summary Report 1 June 2012 1 1. INTRODUCTION 1.1 Visa information system The Visa Information System (VIS) is a system for the exchange of data on short-stay visas among
More informationMANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But
More informationGuidelines for the use of electronic signature
Republic of Albania National Authority for Electronic Certification Guidelines for the use of electronic signature Guide Nr. 001 September 2011 Version 1.3 Guidelines for the use of electronic signature
More informationGuidelines on Data Protection. Draft. Version 3.1. Published by
Guidelines on Data Protection Draft Version 3.1 Published by National Information Technology Development Agency (NITDA) September 2013 Table of Contents Section One... 2 1.1 Preamble... 2 1.2 Authority...
More informationPayments Transformation - EMV comes to the US
Accenture Payment Services Payments Transformation - EMV comes to the US In 1993 Visa, MasterCard and Europay (EMV) came together and formed EMVCo 1 to tackle the global challenge of combatting fraudulent
More informationLindsey Gilpin, Chair, English Board, On behalf of the Royal Pharmaceutical Society
Response by the Royal Pharmaceutical Society to the European Commission s Concept paper on the Delegated Act on the detailed rules for a unique identifier tor medicinal products for human use, and its
More informationRackspace Archiving Compliance Overview
Rackspace Archiving Compliance Overview Freedom Information Act Sunshine Laws The federal government and nearly all state governments have established Open Records laws. The purpose of these laws is to
More informationImplementing Transparent Security for Desktop Encryption Users
Implementing Transparent Security for Desktop Encryption Users Solutions to automate email encryption with external parties Get this White Paper Entrust Inc. All All Rights Reserved. 1 1 Contents Introduction...
More informationIntelligent Systems for Health Solutions
Bringing People, Systems, and Information Together Today s health organizations are increasingly challenged to accomplish what we call the triple aim of effective healthcare: deliver higher quality care
More informationDocument process management solutions for MiFID compliance
Adobe Technical White Paper produced in conjunction with Equiduct Document process management solutions for MiFID compliance Adobe technology provides document process management solutions, enabling investment
More informationGuidance on standard scales of unit costs and lump sums adopted under Article 14(1) Reg. (EU) 1304/2013
EUROPEAN COMMISSION European Social Fund Guidance on standard scales of unit costs and lump sums adopted under Article 14(1) Reg. (EU) 1304/2013 Version of June 2015 Please consult http://ec.europa.eu/esf/sco
More informatione-health Initiative Lina Abou Mrad MBA, PMP Director, National E-Health Program Health Insight 4 -March 2014
e-health Initiative Lina Abou Mrad MBA, PMP Director, National E-Health Program Health Insight 4 -March 2014 What is E-Health? The term e-health was barely in use before 1999 Terms such as medical informatics,
More informationesign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?
esign FAQ 1. What is the online esign Electronic Signature Service? esign Electronic Signature Service is an innovative initiative for allowing easy, efficient, and secure signing of electronic documents
More informationEHR STRATEGY FINLAND. Kari Harno Helsinki University Central Hospital
EHR STRATEGY FINLAND Kari Harno Helsinki University Central Hospital The Nordic Welfare Model In Finland this model includes: universal coverage of services universal social security scheme health insurance
More informationHow To Help Your Health Care Provider With A Health Care Information Technology Bill
875 Greentree Road Pittsburgh, PA 15220 QuestDiagnostics.com Quest Diagnostics Statement on the Pennsylvania Health Information Technology Act (Senate Bill 8) to the Senate Communications & Technology
More informationGuide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid)
The World Internet Security Company Solutions for Security Guide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid) Wherever Security relies on Identity, WISeKey has
More informationHow To Protect Your Privacy On The Net
International Working Group on Data Protection in Telecommunications Report and Guidance on Data Protection and Privacy on the Internet "Budapest - Berlin Memorandum" adopted at the 20th Meeting in Berlin,
More informationSOUTH-WEST EUROPE 21
21 SOUTH-WEST EUROPE SOUTH-WEST EUROPE Croatia, Cyprus, Greece, Italy, Malta, Portugal, Slovenia, Spain Access to medicines and medical devices in Mediterranean EU Member States As members of the EU, all
More information5. 16. Health Law in Canada. Constitutional Division of Power
Health Law in Canada Health care in Canada is a complex subject, some health care services are public, some are private and there are a number of different entities involved in regulating and providing
More informationPosition Paper. issuers. how to leverage EC s regulation proposal. on interchange fees for card-based payment transactions
Position Paper issuers how to leverage EC s regulation proposal on interchange fees for card-based payment transactions The issuing landscape has dramatically changed over the last few years increased
More informationOVERVIEW. stakeholder engagement mechanisms and WP29 consultation mechanisms respectively.
Joint work between experts from the Article 29 Working Party and from APEC Economies, on a referential for requirements for Binding Corporate Rules submitted to national Data Protection Authorities in
More informationTHE IMPORTANCE OF EMAIL ENCRYPTION IN THE HEALTHCARE INDUSTRY
THE IMPORTANCE OF EMAIL ENCRYPTION IN THE HEALTHCARE INDUSTRY EXECUTIVE SUMMARY Email is a critical business communications tool for organizations of all sizes. In fact, a May 2009 Osterman Research survey
More informationTHE IMPORTANCE OF EMAIL ENCRYPTION IN THE HEALTHCARE INDUSTRY
THE IMPORTANCE OF EMAIL ENCRYPTION IN THE HEALTHCARE INDUSTRY EXECUTIVE SUMMARY Email is a critical business communications tool for organizations of all sizes. In fact, a May 2009 Osterman Research survey
More informationHEAL NY Phase 5 Health IT RGA Section 7.1: HEAL NY Phase 5 Health IT Candidate Use Cases Interoperable EHR Use Case for Medicaid
HEAL NY Phase 5 Health IT RGA Section 7.1: HEAL NY Phase 5 Health IT Candidate Use Cases Interoperable EHR Use Case for Medicaid Interoperable Electronic Health Records (EHRs) Use Case for Medicaid (Medication
More informationOracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009
Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 EXECUTIVE OVERVIEW Enterprises these days generally have Microsoft Windows desktop users accessing diverse enterprise applications
More informationAn order of the Medical Examining Board to create chapter Med 24 relating to telemedicine.
STATE OF WISCONSIN MEDICAL EXAMINING BOARD IN THE MATTER OF RULEMAKING : PROPOSED ORDER OF THE PROCEEDINGS BEFORE THE : MEDICAL EXAMINING BOARD MEDICAL EXAMINING : ADOPTING RULES BOARD : (CLEARINGHOUSE
More informationPRIME IDENTITY MANAGEMENT CORE
PRIME IDENTITY MANAGEMENT CORE For secure enrollment applications processing and workflow management. PRIME Identity Management Core provides the foundation for any biometric identification platform. It
More informationComSignTrust e-signing Solutions
ComSignTrust e-signing Solutions Agenda Comda group introduction Our e-signing solutions e-idas central signing compliance ComSignTrust's Icon government clients Other success stories 2 ComSignTrust company
More information2.2 The Security of Electronic Medical Records (EMR) DOH, the Executive Yuan August 19, 2009
Topic 2: Privacy Protection and Ensuring Security of Network Applications or Services 2.2 The Security of Electronic Medical Records (EMR) DOH, the Executive Yuan August 19, 2009 1 Agenda 1. The Vision
More informationMasterCard Contactless Reader v3.0. INTRODUCTION TO MASTERCARD CONTACTLESS READER v3.0
MasterCard Contactless Reader v3.0 INTRODUCTION TO MASTERCARD CONTACTLESS READER v3.0 Introduction to MasterCard Contactless Reader v3.0 Contents 1. Introduction...2 2. Background...3 2.1 Reader Applications...3
More informationThe Impact of 21 CFR Part 11 on Product Development
The Impact of 21 CFR Part 11 on Product Development Product development has become an increasingly critical factor in highly-regulated life sciences industries. Biotechnology, medical device, and pharmaceutical
More informationAstaro Services AG Rheinweg 7, CH-8200 Schaffhausen. Supplementary data protection agreement. to the license agreement for license ID: between
Astaro Services AG Rheinweg 7, CH-8200 Schaffhausen Supplementary data protection agreement to the license agreement for license ID: between...... represented by... Hereinafter referred to as the "Client"
More informationFeasibility Study for a EU Pension Fund for Researchers. European Commission Research Directorate-General
Feasibility Study for a EU Pension Fund for Researchers European Commission Research Directorate-General Executive Summary n RTD/DirC/C4/2009/026879 1 Executive Summary This report covers the main results
More informationPAYMENT SERVICES AND SYSTEMS ACT (ZPlaSS) CHAPTER 1 GENERAL PROVISIONS SUBCHAPTER 1 CONTENT OF THE ACT. Article 1. (scope)
Legal notice All effort has been made to ensure the accuracy of this translation, which is based on the original Slovenian text. All translations of this kind may, nevertheless, be subject to a certain
More informationHitachi s Plans for Healthcare IT Services
Hitachi Review Vol. 63 (2014), No. 1 41 Hitachi s Plans for Healthcare IT Services Masaru Morishita Kenichi Araki Koichiro Kimotsuki Satoshi Mitsuyama OVERVIEW: The soaring cost of healthcare has become
More informationPreventive health-care system in France : Organisation, financement
Preventive health-care system in France : Organisation, financement Dr Martine Le Quellec-Nathan Sous-directrice Direction générale de la Santé Ministère de la santé et de la protection sociale VHPB Veyrier
More information