Prof. Dr. G. De Moor 25/09/2006. Het Persoonlijk Gezondheidsnummer (Numéro Personnel d’Identification Santé). The HEPI-GO project: “a Proof of Concept Project”. 1 Dec. 2005 - 1 Jul. 2006. HEPI: Health Electronic Personal Identifier (Solution within the existing legal framework)
The HEPI-GO project: “a Proof of Concept Project”
• 1 Dec. 2005 - 1 Jul. 2006
• HEPI: Health Electronic Personal Identifier (Solution within the existing legal framework)
• Transformation function INSS to HEPI
Often confused topics
• Health Professional “Identification”
  • Context: authorization (broad sense) in Healthcare
  • Security tool
  • “Identify” a person as HCP (actually authenticate a person in a HCP role) in order to “authorize” him to perform an action
  • Technical: Credentials linked to persons
• Patient Identifiers
  • Context: data-management (continuity of care)
  • NOT a security tool (authentication or authorization)
  • Technical: Uniform reference to the object (i.e. patient) of medical data (a number referring to a person)
Need and Context
Europe
• Interoperability (cf. eHealth Action Plan CEC/EU)
• “Cradle to grave” patient identification number seen as an enabler for eHealth efficiency and patient safety
• Priority in many countries
• Most countries use National Number
Situation in Belgium
• No unified approach to patient identification (Patient ID locally defined)
Identifiers in Belgium
• National Number (RRN/NRN)
• Identification Number for Social Security (INSZ/NISS) (“extension” of NN)
• NN, INSS as HEPI, not recommended (legally):
  • Legal framework
  • Advice CBPL
  • Advice Council of Europe
  • Other (INSZ not meaningless)
• HEPI-GO: INSS-based HEPI
Broader view on HEPI-GO
2 (strongly related) Topics within HEPI-GO
• The patient identifier: Primary HEPI creation
  • Algorithms
  • ...
• Operational aspects
  • Generation / Distribution
  • Management
  • ...
Operational Aspects
• Patient Identifier
  • From cradle to grave
  • Should not complicate existing procedures (HEPI = efficiency)
• Existing carriers of identifiers
  • SIS (Social Security Card)
  • eID (by 2009)
HEPI Choices
• One identifier within the care domain
• Distribution:
  • Central HEPI Conversion Service (fits BeHealth vision)
  • Can provide trust required because of algorithmic constraints
  • Allows (limited) control of HEPI generation
  • Care providers can store HEPI as administrative data in their records (only minimum number of conversions needed)
  • Patient can carry his HEPI around (e.g. on a hospital patient-card)
• Remember:
  • The HEPI is not suited for protecting privacy!
Micro-ID-domains within Care (IDM related)
• Not Recommended
HEPI: INSS Transformation
• Design Constraints formulated by stakeholders
  • The transformation from INSS to HEPI should be “irreversible”
    • Different interpretations of “irreversible”
  • Only authorized parties should be able to perform the transformation
  • The “primary HEPI” must be manually and automatically processable
  • The INSS transformation should be strictly collision free
HEPI: INSS Transformation
• Not all design requirements can be met at the same time
• Two different approaches, with different tradeoffs, are proposed in the report:
  • A solution based on symmetric encryption (Collision-free, but not one-way)
  • A solution based on one-way functions (Requiring a centralized database to become collision free)
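The trade-off between the two approaches above, as an added example (not code from the HEPI-GO report or its authors). The Feistel construction with cycle-walking, the use of HMAC-SHA256, the key, and the sample number are all assumptions chosen for illustration; a 3-digit space is used to make collisions visible.

```python
import hashlib
import hmac

def _prf(key: bytes, data: bytes) -> int:
    """Keyed pseudo-random function: HMAC-SHA256 output as an integer."""
    return int.from_bytes(hmac.new(key, data, hashlib.sha256).digest(), "big")

def _feistel(key: bytes, x: int, half_bits: int, decrypt: bool) -> int:
    """8-round balanced Feistel network: a keyed permutation of 2*half_bits bits."""
    mask = (1 << half_bits) - 1
    left, right = x >> half_bits, x & mask
    for r in (range(7, -1, -1) if decrypt else range(8)):
        if decrypt:
            left, right = right ^ (_prf(key, b"%d:%d" % (r, left)) & mask), left
        else:
            left, right = right, left ^ (_prf(key, b"%d:%d" % (r, right)) & mask)
    return (left << half_bits) | right

def hepi_cipher(key: bytes, number: int, digits: int = 11, decrypt: bool = False) -> int:
    """Approach 1: keyed permutation of the digit space (collision-free, reversible)."""
    n = 10 ** digits
    half_bits = ((n - 1).bit_length() + 1) // 2
    x = _feistel(key, number, half_bits, decrypt)
    while x >= n:  # cycle-walk until the value is back inside the digit space
        x = _feistel(key, x, half_bits, decrypt)
    return x

def hepi_mac(key: bytes, inss: int, digits: int = 11, counter: int = 0) -> int:
    """Approach 2: truncated keyed one-way function (outputs can collide)."""
    return _prf(key, b"mac:%d:%d" % (inss, counter)) % 10 ** digits

def assign_hepi(registry: dict, key: bytes, inss: int, digits: int = 11) -> int:
    """Central service for approach 2: a stored table makes the result collision-free."""
    if inss not in registry:
        taken, counter = set(registry.values()), 0
        while hepi_mac(key, inss, digits, counter) in taken:
            counter += 1  # collision with an issued HEPI: derive the next candidate
        registry[inss] = hepi_mac(key, inss, digits, counter)
    return registry[inss]

KEY = b"constructed-demo-key"   # constructed sample key
SAMPLE_INSS = 85073100123       # constructed 11-digit value, not a real INSS
if __name__ == "__main__":
    hepi = hepi_cipher(KEY, SAMPLE_INSS)
    print(f"cipher HEPI {hepi:011d} decrypts to {hepi_cipher(KEY, hepi, decrypt=True):011d}")
    print("distinct MAC outputs for 1000 inputs:", len({hepi_mac(KEY, i, 3) for i in range(1000)}))
```

In both variants, anyone holding the key can rebuild the full INSS-to-HEPI mapping by enumerating the 11-digit input space, so the key has to stay inside the central conversion service.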
Candidate Solution based on Symmetric Cipher
Candidate Solution based on HASH/MAC
• Very similar to assigning random HEPIs
Summary
• HEPI-GO scope: transformation of INSS into HEPI
• Scope interpreted broader
• HEPI not suitable for protecting privacy
• Operational
  • Single HEPI for the care domain
  • Centralised Management
• Conversion algorithm
  • No fully satisfying solution has been found
  • …
Summary
• Conversion algorithm (continued)
  • The proposed algorithm meets the HEPI-GO requirements quite well
  • But offers virtually no benefits over the obvious solution based on a translation table and randomly generated HEPIs
  • Can be used for generating “secondary” HEPIs towards other domains