The following items have been realised: Dual role Smart Card for both patients and health practitioners, Dedicated Smart Card Reader, PC attached, Set of software drivers and applications for the personalization (initial activation) and standard operation of the Smart Cards and Reader Smart Cards are equipped with microprocessors featuring cryptographic capabilities where the whole framework is security is based. Cryptography is of asymmetric type (Elliptic Curves Cryptosystem) and it is part of a Public Key Infrastructure.
It is worth to briefly describe the role of the two different types of smart card, Health Professional Smart Card and Patient Smart Card:
- The first one provides access to decision support system and access privileges according to specialty defined. Mainly it is used as an ID and consequently as a token of registration to HEARTS statistics archive.
- The Patient Smart Card, instead, is mainly a static data carrier with some memory areas that can be upgraded according to patient's medical history, providing - in this way - a cross-sector interoperability by merging insurance and medical data.
An important characteristics of the smart card approach within the central management system is the multilevel authentication function based on cryptography by using a Security Module (SM) installed in the Reader, verifying the Card Holder's ID by PIN insertion already encoded and digitally signed in the card's memory area.
The data involved are both visual (such as photo, name) and encoded (as serial number, name, PIN, secret keys and others).
More information on the HEARTS project can be found at: http://heartsproject.datamat.it/hearts.