Security Infrastructure Requirements for Electronic Health Cards Communication
Communication and co-operation processes in the healthcare and welfare domain require a security infrastructure based on set-vices describing status and relation of communicating principals as well as corresponding keys and attributes. Additional services provide trustworthy information on dynamic issues of communication and co-operation such as time and location of processes, workflow relations, integrity of archives and record systems, and system behaviour. To provide this communication and co-operation in a shared care, environment, smart cards are widely used. Serving as storage media and portable application systems, patient data cards enable patient-controlled exchange and use of personal health data bound to specific purposes such as prescription and disease management. Additionally patient status data such as the emergency data set or immunization may be stored in, and communicated by, patient data cards. Another deployment field of smart cards is their token functionality within a security framework supporting basic security services such as identification, authentication, integrity, confidentiality, or accountability using cryptographic algorithms. In that context, keys, certificates, and card holder's attributes might be stored in the card as well. As an example, the German activity of introducing patient health cards and health professional cards is presented. Specification and enrolment aspects are on-going processes.