Tags: electronic signature

Electronic informed consent for clinics willing to become paperless

05 Dic 2012

The medical informed consent is a document in which a patient expresses freely and consciously conformity regarding a medical procedure that affect their health, after the doctor has explained the details and risks involved in this procedure. It is a patient’s right and obligation for health services.

The medical informed consent in Spain is regulated by Law 41/2002 and Law 14/2007, on biomedical research and there are many types of consents, affecting many areas and processes of an hospital. These documents usually have multiple pages, and, due to the important number of consents that are generated every day, are a key to start the paperless strategy in this area. It typically requires at least two signatures: the patient’s one, who then signed the document freely once he’s properly informed, and medical staff’s one (doctor, anesthetist …).

Well, in viafima, we propose automate this whole process by electronic signature software.

While the medical staff signature could be easily executed with electronic signatures with digital certificates, this is more complicated in the case of the patient, as it can not be assumed that he has a digital certificate, or even know how to use it. Also, we need to count on the additional complexity of the certificate holder, as the signing of informed consent is usually done at the medical center, which almost overrides the use of software certificates, which must be installed on the computer that would perform the signature, hence, in the case of wanting to perform the informed consent signing with a client certificate, this should be done in hardware support (throught a cryptographic card).

In practice, this usually involves the use by patients of the digitalized signature, biometric capture of the the user’s handwritten signature that is inserted into the electronic document, storing a series of legal evidence in order to safeguard the legal coverage of the signed document.

For medical staff, it can be used both the electronic signature with certificates (which also allows, for example, make a batch signing of all-of-the-day informed consents in a single operation) and the digitalized signature of various documents.

Our solutions and specifically in this case, our solution for electronic informed consent in medical centers, allows to isolate the apps of the complexity of using digital signatures in third applications. In addition, our platform viafirma platform allows the integration for introducing both electronic signature and digitalized signature with full security and biometric data capture. In the case of the digitalized signature, supports both the signature capture devices as Topaz (integrated with desktop computers or Tablet PCs), as Apple iPad and Android tablets, which ensure the necessary capacity to capture sufficient resolution to store a precise points cloud associated with the signature.

In summary, here you are with a good solution to finish the amount of paper that some clinics have only for the traditional informed consents.

XAdES Plugtest Remote Event – XML Advanced Electronic Signatures

26 Mar 2012

As we announced in the PAdES post, ETSI Centre for Testing and Interoperability (CTI) is organizing a new Remote Plugtests Interop events for XAdES Signatures from 14th March to 28th March 2012.

This Remote event aims at conducting interoperability test cases on XAdES signatures (TS 101 903) and the XAdES Baseline Profile (TS 103 171).

This testing will provide full test coverage of the both specifications including testing signatures evolution, simulating real life situations.

This Plugtests event will enable participants to conduct 4 types of tests (Interoperability and Conformance):

  • Generation and cross-verification (Positive) tests
  • Only-verification (Negative) tests
  • Signature Upgrade tests
  • Conformance testing on XAdES Baseline Profile signatures

Plugtest XAdES

The purpose of these events is:

  • To enable participants to assess the level of interoperability of XAdES.
  • To identify additional issues that should be taken into account in future XAdES standardisation activities.
  • To improve the quality of XAdES specifications.
  • To ease the introduction of XAdES signatures, by providing the means to solve interoperability problems before widespread deployment..

You can get more information on plugtests portal for electronic signatures:  http://xades-portal.etsi.org/pub/index.shtml

As shown in our website, we can provide you a little description about de XAdES profiles differing in protection level offered. Each profile includes and extends the previous one:

  • XAdES, basic form just satisfying Directive legal requirements for advanced signature;
  • XAdES-T (timestamp), adding timestamp field to protect against repudiation;
  • XAdES-C (complete), adding references to verification data (certificates and revocation lists) to the signed documents to allow off-line verification and verification in future (but does not store the actual data);
  • XAdES-X (extended), adding timestamps on the references introduced by XAdES-C to protect against possible compromise of certificates in chain in future;
  • XAdES-X-L (extended long-term), adding actual certificates and revocation lists to the signed document to allow verification in future even if their original source is not available;
  • XAdES-A (archival), adding possibility for periodical timestamping (e.g. each year) of the archived document to prevent compromise caused by weakening signature during long-time storage period.

After this, you may be interested in free downloading one of our  development kits for Java, .NET or PHP from our website for developers to electronically sign on XAdES format.