INTRODUCTION
Exchange of documents and data in commercial organizations is normally accomplished
using traditional workflow methodologies. The successful implementation of workflow
in these organizations is encouraging agencies that previously did not look at these
workflow methodologies favorably, because the data and documents they exchange are
considered confidential and restricted to use by authorized users only.
The workflow in these organizations requires that users be authenticated
before accessing the document/data, and that their signatures be obtained at
each step, due to the legal requirements associated with these processes. In
addition, retaining the confidentiality of the document/data on the basis of user
authentication is of utmost concern. Recent advances in digital signature
technology, and its use in replacing traditional signatures, have opened the
possibility of creating a successful document/data exchange workflow for
authenticated documents and data. Further, this approach could be extended
to authenticate each user and their role to meet confidentiality and security
requirements. Some of the processes that can be identified for authenticated
document/data exchange are:
- Document/data exchange associated with healthcare document requiring
HIPAA compliance.
- Judicial transactions like TRO’s (Temporary Restraining Order)
etc.
- Financial Disclosure Documents
- Documents associated with Federal or State approval i.e. FDA, FAA
etc.
- Documents associated with sensitive national security matters used
by Local, State, Federal and International government agencies.
In this paper we will provide a brief introduction to digital certificate
technology and its evolution, followed by an outline of why forms-based workflow
is critical to automating the workflows involved in most of the situations outlined
above. Next we will consider the evolution of electronic filing and the workflow
associated with electronic document/data exchange. Finally we will outline
the new frontier that is taking shape, where identity management using
digital certificates can be utilized to authenticate users and their roles
to create a paperless workflow that maintains the privacy and legal requirements
essential to these processes.
EVOLUTION OF ELECTRONIC SIGNATURE AND DIGITAL AUTHENTICATION:
Some of the key events associated with adoption of Digital Certificate based
electronic signature are listed below:
- National Institute of Standards and Technology (NIST) established
a federal digital signature standard (DSS) during the period 1991-94.
- Many U.S. states established legal frameworks for digital signatures,
most of them based on Utah's legislation (1995). See Biddle (1996) for
a commentary on matters of concern about the Utah model, including privacy
aspects.
- On Oct. 1, 2000, the U.S. Electronic Signatures in Global and National
Commerce Act went into effect. The so-called e-signature law allows
for electronic signatures to be as legally binding as handwritten signatures.
In the next paragraphs we will outline the significance of the legal precedent
associated with signatures and the evolution of digitally authenticated documents.
SIGNATURES AND THE LAW
According to the ABA, “a signature is not part of the substance of
a transaction, but rather of its representation or form”. A signature
serves the following general purposes:
- Evidence: Signatures authenticate
a writing by identifying the signer with the signed document. A signature
is a distinctive mark used by the signer that makes the writing attributable
to the signer.
- Approval: In certain contexts defined
by law or custom, a signature expresses the signer's approval or authorization
of the writing, or the signer's intention that it has legal effect.
A signature on a written document can impart a sense of clarity and
finality to the transaction and may lessen the subsequent need to inquire
beyond the face of a document.
The formal requirements for legal transactions, including the need for
signatures, vary in different legal systems, and with the passage of time.
Sometimes it is necessary to use a Notary to authenticate the signer's
signature on a paper.
To summarize the basic purposes of signatures outlined above, a signature
must have the following attributes according to the ABA:
- Signer Authentication: A signature
should indicate the signer of the document, message or record, and
should be difficult for another person to produce without authorization.
- Document Authentication: A signature
should identify what is signed, making it impracticable to falsify or
alter either the signed matter or the signature without detection.
Digital signature technology generally surpasses paper technology in
all these attributes. To understand why, one must first understand how
digital signature technology works.
HOW DIGITAL SIGNATURE TECHNOLOGY WORKS
The use of digital signatures involves two processes, one performed
by the signer and the other by the receiver of the digital signature:
- Digital signature creation uses a
hash result derived from and unique to both the signed message and a
given private key. For the hash result to be secure there must be only
a negligible possibility that the same digital signature could be created
by the combination of any other message or private key.
- Digital signature verification is
the process of checking the digital signature by reference to the original
message and a given public key, thereby determining whether the digital
signature was created for that same message using the private key that
corresponds to the referenced public key.
- To sign a document or any other item of information, the signer first
delimits precisely the borders of what is to be signed. The delimited
information to be signed is termed the "message" in these
Guidelines. Then a hash function in the signer's software computes a
hash result unique (for all practical purposes) to the message. The
signer's software then transforms the hash result into a digital signature
using the signer's private key. The resulting digital signature is thus
unique to both the message and the private key.
PUBLIC KEY CERTIFICATES
To verify a digital signature, the verifier must have access to the signer's
public key and have assurance that it corresponds to the signer's private
key. However, a public and private key pair has no intrinsic association
with any person; it is simply a pair of numbers. Some convincing strategy
is necessary to reliably associate a particular person or entity to the
key pair.
In a transaction involving only two parties, each party can simply communicate
(by a relatively secure "out-of-band" channel such as a courier
or a secure voice telephone) the public key of the key pair each party
will use. Such an identification strategy is no small task, especially when
the parties are geographically distant from each other, normally
conduct communication over a convenient but insecure channel such as the
Internet, are not natural persons but rather corporations or similar artificial
entities, and act through agents whose authority must be ascertained.
As electronic commerce increasingly moves from a bilateral setting to
the many-on-many architecture of the World Wide Web on the Internet, where
significant transactions will occur among strangers who have no prior
contractual relationship and will never deal with each other again, the
problem of authentication/nonrepudiation becomes not merely one of efficiency,
but also of reliability. An open system of communication such as the Internet
needs a system of identity authentication to handle this scenario.
CHALLENGES AND OPPORTUNITIES
The prospect of fully implementing digital signatures in general commerce
presents both benefits and costs. The costs consist mainly of:
- Institutional overhead: The cost
of establishing and utilizing certification authorities, repositories,
and other important services, as well as assuring quality in the performance
of their functions.
- Subscriber and Relying Party Costs:
A digital signer will require software, and will probably have to pay
a certification authority some price to issue a certificate.
- Hardware to secure the subscriber's private
key: There may be a cost, on the part of the signer, associated with securing
the digital certificate.
- Digital certificate verification cost:
Persons relying on digital signatures will incur expenses for verification
software and perhaps for access to certificates and certificate revocation
lists (CRL) in a repository.
On the plus side, the principal advantage to be gained is more reliable
authentication of messages. Digital signatures if properly implemented and
utilized offer promising solutions to the problems of:
- Identity theft: The possibility of
identity theft is eliminated, except in the case of loss of the digital certificate;
- Imposters, by minimizing the risk
of dealing with imposters or persons who attempt to escape responsibility
by claiming to have been impersonated;
- Message integrity, by minimizing
the risk of undetected message tampering and forgery, and of false claims
that a message was altered after it was sent;
- Formal legal requirements, by strengthening
the view that legal requirements of form, such as writing, signature,
and an original document, are satisfied, since digital signatures are
functionally on a par with, or superior to paper forms; and
- Open systems, by retaining a high
degree of information security, even for information sent over open,
insecure, but inexpensive and widely used channels.
The most widely used standard for digital certificates is X.509.
FORMS RUN ORGANIZATIONS & ELECTRONIC FORMS MAKE IT SIMPLE AND PAPERLESS
From Courts to healthcare, from manufacturing to financial institutes,
everyone uses forms. But the sheer mass of paper generated by excess printing
and the lack of error protection inherent in a paper-based form workflow
makes it costly and impractical.
Electronic forms such as XForms and InfoPath were created to solve these problems
and eliminate the cost and inefficiencies associated with paper forms.
Using paper forms invites disorder, filing mistakes, damage, loss,
waste, and other complications. To solve these problems, organizations
could format their documents into HTML for publication on the web,
but this is a costly and time-consuming process. What's more, the
user remains unable to submit documents directly to the recipient
from the computer screen, but instead can only print them out to
mail or fax, resorting again to paper - and all of its attendant
costs. Most organizations use forms to collect data from customers,
employees, vendors, and contractors. Forms contain information that
need to be processed, secured, and acted upon for a variety of purposes.
To be effective, forms-based processes should be flexible to meet
an organization's needs. They should be efficient in getting input
and approval from everyone involved, and equipped to allow collaboration
among several people or departments. Approval and validation of
forms by multiple authorities is an important part of the workflow used
by a number of organizations. The data exchange needed between the
forms and line-of-business applications has resulted in the development
of XML schemas that have become standard for different industries.
In the following paragraphs we outline a few of these standards:
LEGAL XML STANDARD DEVELOPMENT:
THE GLOBAL JUSTICE XML DATA MODEL (GLOBAL JXDM):
The Global Justice XML Data Model (Global JXDM) is intended to be a data
reference model for the exchange of information within the justice and
public safety communities. The Global JXDM is a product of the Global
Justice Information Sharing Initiative's (Global) Infrastructure and Standards
Working Group (ISWG). It was developed by the Global ISWG's XML Structure
Task Force (XSTF).
XML STANDARD FOR PROCESS DEFINITION LANGUAGE (XPDL) VERSION 1.0.
The Workflow Management Coalition (WfMC) has announced the release of
its Workflow Standard XML Process Definition Language - XPDL 1.0. "Together
with other WfMC standards, XPDL provides a framework for implementing
business process management and workflow engines, and for designing, analyzing,
and exchanging business processes. XPDL is the culmination of a fifteen-month
effort by multiple vendors and users to provide a standard that satisfies
the needs of diverse organizations. One of the key elements of the XPDL
is its extensibility to handle information used by a variety of different
tools. Based upon a limited number of entities that describe a workflow
process definition ('Minimum Meta Model'), XPDL thus supports a number
of differing approaches. The specification is intended for use by software
vendors, system integrators, consultants and any other individual or organization
concerned with the design, implementation, and analysis of business process
management systems as well as with interoperability among workflow systems."
HEALTHCARE XML STANDARD DEVELOPMENT:
Hospitals, doctors, and other healthcare centers around the world
require the ability to send and receive healthcare data, including
patient information and various lab reports. As a result, vast amounts
of healthcare information are exchanged on a daily basis. However,
medical data can be extremely complicated due to the abundance of
clinical terminology, as well as the structural complexity in the
formation of the presented information. Thus, this information must
be presented in a standardized format in order to ensure that the
data is universally understood and organized. In order to achieve
this, all healthcare information must be sent in a specialized healthcare
language. The language that has been developed to overcome these
obstacles is HL7. The HL7 protocol, developed by the Health Level
7 organization, consists of a standardized grammar and vocabulary
so that clinical data can be shared among all healthcare
systems and easily understood by all. By using the HL7 messaging
protocol as a standard, all systems following the HL7 specifications
are able to communicate easily with one another, without the need
for information conversion.
October 4, 2000—Health Level Seven, Inc. (HL7) successfully balloted
what it believes to be the first XML-based standard for healthcare—the
Clinical Document Architecture (CDA). The CDA, which was until recently
known as the Patient Record Architecture (PRA), provides an exchange
model for clinical documents (such as discharge summaries and progress
notes)—and brings the healthcare industry closer to the realization
of an electronic medical record. The CDA Standard is expected to
be published as an ANSI approved standard by the end of the year.
Clinical Document Architecture, Release One (CDA R1), became an American
National Standards Institute (ANSI)–approved HL7 Standard in November
2000, representing the first specification derived from the Health Level
7 (HL7) Reference Information Model (RIM). CDA, Release Two (CDA R2),
became an ANSI-approved HL7 Standard in May 2005 and is the subject of
this article, where the focus is primarily on how the standard has evolved
since CDA R1, particularly in the area of semantic representation of clinical
events. CDA is a document markup standard that specifies the structure
and semantics of a clinical document (such as a discharge summary or progress
note) for the purpose of exchange. A CDA document is a defined and complete
information object that can include text, images, sounds, and other multimedia
content. It can be transferred within a message and can exist independently,
outside the transferring message. CDA documents are encoded in Extensible
Markup Language (XML), and they derive their machine-processable meaning
from the RIM, coupled with terminology. The CDA R2 model is richly expressive,
enabling the formal representation of clinical statements (such as observations,
medication administrations, and adverse events) such that they can be
interpreted and acted upon by a computer. On the other hand, CDA R2 offers
a low bar for adoption, providing a mechanism for simply wrapping a non-XML
document with the CDA header or for creating a document with a structured
header and sections containing only narrative content. The intent is to
facilitate widespread adoption,
while providing a mechanism for incremental semantic interoperability.
HL7 V3, like V2.x, is a standard for exchanging messages among information
systems that implement healthcare applications. However, V3 strives to
improve the V2 process and its outcomes. The original process for defining
HL7 messages was established in 1987 and has served us well. The development
principles behind HL7 V3 lead to a more robust and fully specified standard.
New capabilities offered in Version 3 include:
- Top-down message development emphasizing reuse across multiple contexts
and semantic interoperability.
- Representation of complex relationships.
- Formalisms for vocabulary support.
- Support for large-scale integration.
- Solving re-use and interoperability across multiple domain contexts.
- A uniform set of models.
- Expanded scope to include community medicine, epidemiology, veterinary
medicine, clinical genomics, security, etc.
BUSINESS XML STANDARD DEVELOPMENT:
Introduction: The Electronic Business
(eBusiness) Extensible Markup Language (XML) [ebXML] set of specifications
enables electronic trading relationships between business partners
and integrates new technologies:
- Communicate data in common terms (Core Components Technical Specification
[CCTS]v2.0.1)
- Register and provide eBusiness artifacts and services (ebXML Registry
Services [ebRS v3.0] and Registry Information Model [ebRIM v3.0])
- Configure technical contract between business partners (Collaboration
Protocol Profile and Agreements [CPP/CPA v2.0])
- Provide secure and reliable transport (ebXML Messaging Services [ebMS])
- Enable business processes (ebXML Business Process Specification Schema,
[ebBP v2.0.3]).
SEALED AND CERTIFIED DOCUMENT WORKFLOW IN COURTS:
Anyone who’s been through the court system, whether for domestic
violence, elderly abuse or child-support issues, knows how burdensome it
can be. There are arraignments, bail hearings, trial and court dates,
and mounds of paperwork. The amount of work that goes into every aspect
of anyone’s legal travails is overwhelming, and it’s the organizations
behind the courts that, in some ways, truly feel the weight of the work.
Victims are overwhelmed by the number of pages of forms, many involving
repetitive questions. Victims’ advocates spend two to three hours
filling out forms, and victims often have to wait hours for an available
advocate. It takes another four to six hours from the time a judge signs
the Order of Protection until the sheriff receives the service paperwork.
Up to five agencies are involved in each procedure, all of which are in
different locations. Therefore, manual paper delivery uses up valuable
time and sometimes forces the victim to live with abuse rather than approach
the court authorities.
DIGITAL AUTHENTICATION BASED PROCESS TO OBTAIN A TRO (TEMPORARY RESTRAINING ORDER).
When a Judge receives a document digitally signed by an Attorney, the Judge's
software first uses the CA's (certificate authority's) public key to check
the signature on the Attorney's certificate. Successful verification of that
signature proves that the CA created the certificate. Once the certificate has
been verified, the Judge's software can check that the Attorney is in good
standing with the certificate authority (for example, that the certificate has
not been revoked) and that none of the certificate information concerning the
Attorney's identity has been altered. (Although these steps may sound complicated,
they are all handled behind the scenes by the Judge's user-friendly software.)
The Judge then signs the order digitally, and a copy is electronically delivered
to the sheriff and the court clerk in minutes. The sheriff can digitally authenticate
the Judge's certificate and can make the order available for viewing to other
parties, e.g. a sheriff in another county, if they provide proper credentials.
The digitally authenticated document provides:
- Proof of identity.
- Prevention of unauthorized use.
- An intuitive UI for end users (encryption, decryption, and digital signatures).
- In the event that information is intercepted, encryption ensures privacy
by preventing third parties from reading and/or using the information.
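The signing and verification steps described under HOW DIGITAL SIGNATURE TECHNOLOGY WORKS and in the TRO process above, carried through in code as an added example (this is not code from the paper or from any product or agency it mentions). It is written in Go using only the standard library: it builds a constructed court CA, issues the Attorney a certificate signed by that CA, signs a constructed order with the Attorney's private key, and has the Judge's side verify the certificate against the CA (chain and validity period), check the signer's good standing (a map of revoked serial numbers stands in for a CRL lookup), and verify the signature over the document hash. It then shows the three outcomes the paper's checks exist for: a tampered order, a certificate with the same name from an untrusted CA, and a revoked certificate. All names, serial numbers and the order text are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newKeyAndCert creates a P-256 key pair and an X.509 certificate for it: self-signed
// when isCA, otherwise issued by parent and signed with parentKey. Names and serials are constructed.
func newKeyAndCert(name string, serial int64, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*ecdsa.PrivateKey, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
		parent, parentKey = tmpl, key // a CA certificate signs itself
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return key, cert, err
}

// signDocument hashes the delimited message and transforms the hash with the signer's
// private key, so the resulting signature depends on both the message and the key.
func signDocument(key *ecdsa.PrivateKey, doc []byte) ([]byte, error) {
	digest := sha256.Sum256(doc)
	return ecdsa.SignASN1(rand.Reader, key, digest[:])
}

// verifySignedDocument performs the receiver's checks in order: the CA's signature on the
// signer's certificate and its validity period (Verify), the signer's good standing
// (revokedSerials stands in for a CRL lookup), and the signature over the document hash.
func verifySignedDocument(roots *x509.CertPool, revokedSerials map[string]bool, signer *x509.Certificate, doc, sig []byte) error {
	if _, err := signer.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("certificate not issued by a trusted CA: %w", err)
	}
	if revokedSerials[signer.SerialNumber.String()] {
		return fmt.Errorf("certificate serial %s has been revoked", signer.SerialNumber)
	}
	pub, ok := signer.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return fmt.Errorf("unexpected public key type in certificate")
	}
	digest := sha256.Sum256(doc)
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return fmt.Errorf("signature does not match document: content or signature was altered")
	}
	return nil
}

// ScenarioResult records each verification outcome; nil means the Judge accepted the document.
type ScenarioResult struct{ Valid, Tampered, UntrustedCA, Revoked error }

// RunScenario plays the exchange: the Attorney signs a TRO request and the Judge verifies it,
// followed by three cases that must be rejected. Setup failures are fatal for this demo.
func RunScenario() ScenarioResult {
	caKey, caCert, err := newKeyAndCert("Example Court CA (constructed)", 1, true, nil, nil)
	check(err)
	attorneyKey, attorneyCert, err := newKeyAndCert("Attorney (constructed)", 1001, false, caCert, caKey)
	check(err)
	roots := x509.NewCertPool() // the Judge's trust store holds only the court's CA
	roots.AddCert(caCert)
	tro := []byte("TEMPORARY RESTRAINING ORDER (constructed sample): respondent shall not contact petitioner")
	sig, err := signDocument(attorneyKey, tro)
	check(err)
	tampered := append([]byte{}, tro...)
	tampered[len(tampered)-1] ^= 0x01 // one byte of the order changed after signing
	otherKey, otherCA, err := newKeyAndCert("Unknown CA (constructed)", 2, true, nil, nil)
	check(err)
	_, impostorCert, err := newKeyAndCert("Attorney (constructed)", 1001, false, otherCA, otherKey) // same name, wrong CA
	check(err)
	revoked := map[string]bool{attorneyCert.SerialNumber.String(): true}
	return ScenarioResult{
		Valid:       verifySignedDocument(roots, nil, attorneyCert, tro, sig),
		Tampered:    verifySignedDocument(roots, nil, attorneyCert, tampered, sig),
		UntrustedCA: verifySignedDocument(roots, nil, impostorCert, tro, sig), // chain check fails before the signature is examined
		Revoked:     verifySignedDocument(roots, revoked, attorneyCert, tro, sig),
	}
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}

func main() {
	r := RunScenario()
	fmt.Printf("valid: %v\ntampered: %v\nuntrusted CA: %v\nrevoked: %v\n", r.Valid, r.Tampered, r.UntrustedCA, r.Revoked)
}
```

The order of the checks is the point: the Judge's software trusts nothing about the Attorney's public key until the CA's signature on the certificate has been verified, and only then does the document signature mean anything. In a deployed system the revocation map would be replaced by a CRL or OCSP response obtained from the CA's repository, and the certificate's key usage bits would be checked against the use being made of it.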
Figure: How it works, the digital authentication process.
Figure: Benefits of the digital authentication process.
BATCH RECORDS (EBR) AUTOMATION
Pharmaceutical companies have traditionally used paper (hard copy) to
maintain production batch records (PBR), also called master production
batch records (MPBR), for FDA-compliance purposes. With the advent of
21 CFR Part 11 in 1997, the FDA began to accept electronic batch records.
Since then, more and more manufacturers have recognized the advantages
of automating the process of controlling EBR.
Under CGMP regulations found in 21 CFR Parts 210-211,
the EBR must demonstrate the accomplishment of every significant step
in the production, packing, and holding of each batch of a drug product.
CGMP requires extensive EBR documentation, including batch dates, identity
of major equipment/lines used, components/materials used and their weights,
in process and laboratory control results, complete labeling control
records, sampling, and identification of personnel supervising or checking
each step. The paper tracking associated with the process can be onerous.
A digitally authenticated workflow could provide better control, security
and auditability, and make the entire process simple and efficient for
pharmaceutical companies and the FDA.
ADVANCED HEALTHCARE DIRECTIVE WORKFLOW:
Technological advances in medicine have made it possible to prolong
life in patients with no hope of recovery. The physician is faced with
deciding whether measures used to keep patients alive are extraordinary
in individual situations. Advance Medical Directives are documents intended
to provide guidance to medical professionals and your loved ones if
you are incapacitated and cannot make your own medical decisions.
Advance directives can be defined as the right of incompetent patients
to refuse unnecessarily burdensome treatment, while at the same time emphasizing
the necessity for written evidence documenting their wishes. An advance directive
empowers an agent, who holds power of attorney, to make end-of-life decisions
and give instructions about your health care wishes if you are in a
“chronic vegetative state”. Most of us procrastinate in
creating an AHCD due to the difficulty of obtaining proper advice, help
and documents. Even in those cases where a person has signed an AHCD,
it may be difficult for him to have his wishes enacted due to the unavailability
of the signed documents when they are needed.
Governor Schwarzenegger signed AB 2805 on September 28, 2006,
a measure authored by Assemblyman Sam Blakeslee.
AB 2805 permits AHCDs to be digitally signed and notarized
using the California digital signature standards that were established
in law in 1995. The measure preserves the current requirements for AHCDs
to be signed and either notarized or witnessed by two people, but
also allows patients and notaries to use digital signatures and
requires the use of a digital certificate for that signature.
“An advanced health care directive could have been
instrumental in alleviating confusion around a case such as that
of Terri Schiavo,” said Blakeslee. “However, making
end-of-life or life-sustaining treatment decisions is just the first
step. AHCD's only work if people proactively record these decisions
with their medical provider.”
ADVANCED HEALTH CARE DIRECTIVE (AHCD), A CMA INITIATIVE:
The CMA (California Medical Association), Mede pass and Image-X have
teamed up to create www.healthcarewishes.com, which allows a person to digitally
sign an Advanced Healthcare Directive and also provides digital notarization.
Further, a physician with valid authentication can retrieve the AHCD on the web,
in compliance with AB 2805, in order to comply with the patient’s wishes.
The electronically stored Advance Healthcare Directive is available
to health care providers at any time via secure Internet or facsimile.
From the case studies outlined above, one can summarize that
this is just the start of the digital authentication process replacing
the onerous paper-based process. As more and more agencies understand the
advantages of digital authentication and approve these processes by
passing the necessary rules, we hope to see better security and privacy
as well as more efficient processes and conformance with the law.
Figure: How it works, electronic flow of the AHCD.
Figure: Intuitive interface, AHCD with date, time stamp and digital signature.
BIBLIOGRAPHY:
- Digital Signature Guidelines, published by the American Bar Association Section of Science and Technology, Information Security Committee, product code 5450012.
- SearchSecurity.com Definitions (powered by WhatIs.com), July 2006.
- Legal XML Proposed Standard: XML Standards Development Project, XML Court Document 1.1 Draft Standard, E-filing report, published by Glasser Legalworks, Little Falls, N.J.
- Global Justice XML Data Model, U.S. Department of Justice, Office of Justice Programs, http://it.ojp.gov/jxdm/3.0.3/index