Microcrypt Technologies Ltd.

eHealth Card System

«eHealth Card System» is a support system for the Electronic Health Card.

The multifunctional smart card «Social Card» that we have developed supports the «Health Insurance» application. This application is intended to improve the efficiency and privacy of insured persons servicing, both within the insurance companies and medical institutions. This application allows to identify a card holder operatively and reliably when he or she visits an office of the insurance company, clinic or pharmacy, on the condition that the offices are equipped by the appropriate subsystems of the «Hospital system». On the other hand, the smart card usage allows a patient to remotely acquainted with the history of the disease (electronic health records − eHR), make an appointment to a doctor, and even receive remote consultations, as well as to monitor the financial expenses of insurance coverage for his treatment and perform self-payments for medical services in electronic form. It is natural that all remote communications are performed in a secure manner with robust encryption and authentication algorithms.

This card supports the digital signature application, which is serviced by the accredited certification authority (CA "Cryptomach" Ltd.), so the card can be used for the patient's legally meaningful signature of electronic documents that allow access of certain specialists to his/her medical records, as well as signature of documents confirming the patient passage of assigned or paid treatments, or his/her consent to critical treatments or operations.

In addition to use the card directly in hospitals, it can be used to provide emergency medical care. The card provides information about the patient's blood group, his allergic reactions, medications being taken in the current treatment. All this information can be indispensable if the emergency doctor on duty does not have a reliable communication channel with a central server of the «Hospital system», but a help the victim should be provided immediately.

Taking into account that the health status information of each person is his/her personal confidential information, it should be disclosed only with the consent of the patient and to healthcare professionals only. On the other hand, the victim who needs an emergency help can be in an unconscious state. Therefore an authenticate is required to read the information for emergency medical aid from the card. The authentication can be done on behalf of the card holder (by entering his/her PIN-code) or on behalf of the emergency doctor, using physician personal SAM-module ("HealthCare Read SAM"). When the "ambulance" SAM-module is used, it performs the mutual authentication between SAM-module and the patient card. The successful authentication allows the card to "open" the medical information and the doctor to be sure of the veracity of this information.

The most important task of the patient's health care is to ensure the accuracy of information provided on the card, so the information that must be written to the card is signed by responsible physician and loaded to the card only after the consent of the patient. The card holder consent is confirmed by PIN-code entering. Loading the information to the card is possible only from relevant "Health care synchronization server", which uses the "synchronization" SAM-module ("HealthCare Write SAM"). This SAM-module performs mutual authentication with the card to "confirm" its authority to load the medical data into the card and verify the card's authenticity. All communication with the card is encrypted, due to this the data synchronization on the card can be done remotely, without necessity to visit a clinic only for updating the results of analyzes on the card.

The above hardware-software security complex was developed by us for integration with the «Hospital system». Ultimate goal of the complex is to improve the health care efficiency of insured patients and protection of their personal health information through the use of personal "Health Insurance Card" («Social Card»).

The complex consist:

  • Dual interface smart card «Social Card» with "Health Insurance" application;
  • Contact card reader is used in hospitals, as well as for remote access from home or office;
  • Contactless ID card reader («SPACER») is used in hospitals for rapid and reliable identification of patients to search their "electronic health records" (eHR);
  • "Synchronization" SAM-module ("HealthCare Write SAM") is used for updating of medical information on the card;
  • "Ambulance" SAM-module ("HealthCare Read SAM") is used to read the medical information from the card without the PIN-code based authentication of the card holder;
  • Software "Synchronization server of medical information";
  • Software "Card holder medical information";
  • Software "Ambulance".

Hardware-software complex «eHealth Card System» has a flexible modular structure, which enables customization and extension of its functionality. The complex can be integrated with other health care information systems.