A vision on electronic cooperation in the Belgian health care sector, based on the experience in the social sector, and the role of the Be-Health platform

About This Presentation

Title:

A vision on electronic cooperation in the Belgian health care sector, based on the experience in the social sector, and the role of the Be-Health platform

Description:

A vision on electronic cooperation in the Belgian health care sector, based on ... study group of the Commission for Telematics Standards in relation to the Health ... – PowerPoint PPT presentation

Number of Views:210

Avg rating:3.0/5.0

Slides: 87

Provided by: bwo9

Category:

more less

Transcript and Presenter's Notes

Title: A vision on electronic cooperation in the Belgian health care sector, based on the experience in the social sector, and the role of the Be-Health platform

1
A vision on electronic cooperation in the Belgian
health care sector, based on the experience in
the social sector, and the role of the Be-Health
platform
Frank Robben General manager Crossroads Bank for
Social Security CEO Smals Sint-Pieterssteenweg
375 B-1040 Brussels E-mail Frank.Robben_at_ksz.fgov.
be Website CBSS www.ksz.fgov.be Personal
website www.law.kuleuven.ac.be/icri/frobben
2
Structure of the presentation

existing electronic cooperation in the social
sector
the problem
the solution
basic principles
advantages
towards an electronic cooperation in the health
care sector, based on the experience of the
social sector
objectives
useful building blocks
Be-Health platform

3
Actors in the Belgian social sector

about 2,000 public and private institutions at
several levels (federal, regional, local) dealing
with
collection of social security contributions
delivery of social security benefits
child benefits
unemployment benefits
benefits in case of incapacity for work
re-imbursement of health care costs
holiday pay
old age pensions
guaranteed minimum income
delivery of supplementary social benefits
delivery of supplementary benefits based on the
social security status of a person

4
The problem

a lack of well coordinated service delivery
processes and of a lack of well coordinated
information management led to
a huge avoidable administrative burden and
related costs for
the companies
the citizens
the actors in the social sector
service delivery that didnt meet the
expectations of the companies and the citizens
suboptimal effectiveness of the social protection
higher possibilities of fraud
suboptimal support of the social policy

5
Expectations of citizens and companies

integrated services
attuned to their concrete situation, and
personalized when possible
delivered at the occasion of events that occur
during their life cycle (birth, going to school,
starting to work, move, illness, retirement,
decease, starting up a company, )
across government levels, public services and
private bodies
attuned to their own processes
with minimal costs and minimal administrative
burden
if possible, granted automatically
well performing and user-friendly
reliable, secure and permanently available
accessible via a channel chosen by the user
(direct contact, phone, electronic devices, )
sufficient privacy protection

6
The solution

a network between all 2,000 social sector actors
with a secure connection to the internet, the
federal MAN, regional extranets, extranets
between local authorities and the Belgian
interbanking network
a unique identification key
for every citizen, electronically readable from
an electronic social security card and an
electronic identity card
for every company
190 electronic services for mutual information
exchange amongst actors in the social sector,
defined after process optimization
nearly all direct or indirect (via citizens or
companies) paper-based information exchange
between actors in the social sector has been
abolished
in 2006 511 million electronic messages were
exchanged amongst actors in the social sector,
which saved as many paper exchanges

7
Social security card
name Christian name date of birth sex social
security number period of validity of the
card card number
sickness fund sickness fund registration
number insurance period insurance status social
exemption status
key 1
other data to be added in the future, if useful
8
Electronic identity card
9
Contribution certificate health care sector
present situation
Employees
Employer
Sickness funds
Control
RIZIV
RSZ
10
Contribution certificate health care sector
present situation
11
Derived rights in tax affairs

a number of people are entitled to an increased
refund of the costs for medical care
moreover, a number of municipalities and
provinces grant these persons reductions or even
exemptions of the taxes

12
Derived rights in tax affairs - past situation
Sickness fund
13
Derived rights in tax affairs - present situation
CBSS
sickness funds network
14
The solution

41 electronic services for employers, either
based on the electronic exchange of structured
messages or via an integrated portal site
50 social security declaration forms for
employers have been abolished
in the remaining 30 (electronic) declaration
forms the number of headings has on average been
reduced to a third of the previous number
declarations are limited to 3 events
immediate declaration of recruitment and
discharge (only electronically)
quarterly declaration of salary and working time
(only electronically)
occurence of a social risk (electronically or on
paper)
in 2006 17.9 million electronic declarations were
made by all 220,000 employers, 98 of which from
application to application
according to a study of the Belgian Planning
Bureau, rationalization of the information
exchange processes between the employers and the
social sector implies an annual saving of
administrative costs of more than 1 billion a
year for the companies

15
Start/end of an employment relationship
Simplification
Employment contract
Work force register
Special work force register
Individual document
Students contract
NOSS
On line consultation
Inspection
Work force register
Data- base
16
Quarterly declaration salary working time
Simplification
Employer
one electronic declaration
NOSS
INAMI
FAT
old age pension
ONP
ONEM
FMP
CBSS
holiday pay
ONVA
ONAFTS
17
Declaration of social risks

types of social risks
child allowances
incapacity for work ((labour) accident,
(occupational) disease, )
unemployment
old age pension
3 possible moments of declaration
start of the social risk
recurrence or continuation of the social risk
end of the social risk
structure of the declaration
identification data
if necessary, salary and working time data not
yet declared via a quarterly declaration
(mini-declaration)
specific data concerning the social risk

18
The solution

electronic services for citizens
maximal automatic granting of services based on
electronic information exchange between actors in
the social sector
4 electronic services via an integrated portal
2 services to apply for social benefits
2 services for consultation of social benefits
about 30 new electronic services are foreseen
an integrated portal site containing
electronic transactions for citizens and
employers
information about the entire social security
system
harmonized instructions and information model
relating to all electronic transactions
a personal page for each citizen and each company
an integrated multimodal contact centre supported
by a customer relationship management tool

19
The solution

coordination by the Crossroads Bank for Social
Security
board of directors consists of representatives of
the companies, the citizens and the actors in the
social sector
mission
definition of the vision and the strategy on
E-government in the social sector and of the
common principles related to information
management
definition, implementation and management of an
interoperability framework
secure messaging of several types of information
(structured data, documents, images, metadata, )
with business logic and orchestration support
coordination of business process reengineering
stimulation of service oriented applications
management of a reference directory for
preventive control on the legitimacy of the
information exchange
organisation of the routing of information
automatic communication of changes of information

20
The solution

reference directory
directory of available services/information
which information/services are available at any
institution depending on the capacity in which a
person/company is registered at each institution
directory of authorized users and applications
list of users and applications
definition of authentication means and rules
definition of authorization profiles which kind
of information/service can be accessed, in what
situation and for what period of time depending
on in which capacity the person/company is
registered with the actor that accesses the
information/service
directory of data subjects
which persons/companies have personal files in
which institutions for which periods of time, and
in which capacity they are registered
subscription table
which users/applications want to automatically
receive what services in which situations for
which persons/companies in which capacity

21
Towards a network of service integrators
Service integrator (Corve, Easi-Wal, )
RPS
RPS
Services repository
Extranet region or commmunity
Service integrator (CBSS)
Services repository
ASS
Extranet social sector
ASS
Internet
Municipality
FPS
ASS
VPN, Publi-link, VERA,
FPS
FEDMAN
Services repository
Service integrator (FEDICT)
City
Province
FPS
Services repository
22
Basic principles

information modelling
unique collection of re-use of information
management of information
electronic exchange of information
protection of information

23
Information modelling

information is being modelled in such a way that
the model fits in as closely as possible with the
real world
information modelling takes as much account as
possible of anticipated use of information
the information model can be flexibly extended or
adapted when the real world or the use of the
information changes

24
Unique collection and re-use of information

information is only collected for well-defined
purposes and is targeted to meet the requirements
of these purposes
all information is collected once, from as near
to the authentic source as possible
information is collected according to the
information model and following uniform
guidelines
with the possibility of quality control by the
supplier before the transmission of the
information
the collected information is validated once
according to established task sharing criteria,
by the institution that is most entitled to it or
by the institution which has the greatest
interest in correctly validating it
it is then shared and re-used by authorized users

25
Management of information

a task sharing model is established indicating
which institution stores which information as an
authentic source, manages the information and
maintains it at the disposal of the authorized
users
information is stored according to the
information model
information can be flexibly assembled according
to ever changing legal concepts
every institution has to report probable errors
of information to the institution that is
designated to validate the information

26
Management of information

every institution that has to validate
information according to the agreed task sharing
model, has to examine the reported probable
errors, to correct them when necessary and to
communicate the correct information to every
known interested institution
information is only retained and managed as long
as there exists a business need, a legislative or
policy requirement, or, preferably anonimized or
encoded, when it has historical or archival
importance

27
Electronic exchange of information

once collected and validated, information is
stored, managed and exchanged electronically to
avoid transcribing and re-entering it manually
electronic information exchange can be initiated
by
the institution that disposes of information
the institution that needs information
the institution that manages the interoperability
framework (CBSS as service integrator)
electronic information exchanges take place on
the base of a functional and technical
interoperability framework that evolves
permanently but gradually according to open
market standards, and is independent from the
methods of information exchange

28
Electronic exchange of information

available information is used for
the automatic granting of benefits
prefilling when collecting information
information delivery to the interested parties

29
Protection of information

security, integrity and confidentiality of
government information is ensured by integrating
ICT measures with structural, organizational,
physical, personnel screening and other security
measures according to agreed policies
personal information is only used for purposes
compatible with the purposes of the collection of
the information
personal information is only accessible to
authorized institutions and users according to
business needs, legislative or policy
requirements
the access authorization to personal information
is granted by an independent institution,
designated by Parliament, after having checked
whether the access conditions are met
the access authorizations are public

30
Protection of information

every actual electronic exchange of personal
information is preventively checked on compliance
with the existing access authorizations by an
independent institution managing the
interoperability framework
every actual electronic exchange of personal
information is logged, to be able to trace
possible abuse afterwards
every time information is used to take a
decision, the information used is communicated to
the person concerned together with the decision
every person has right to access and correct
his/her own personal data

31
Advantages

gains in efficiency
in terms of cost services are delivered at a
lower total cost due to
a unique information collection using a common
information model and administrative instructions
a lesser need to re-encoding of information by
stimulating electronic information exchange
a drastic reduction of the number of contacts
between actors in the social sector on the one
hand and companies or citizens on the other
functional task sharing concerning information
management, information validation and
application development
in terms of quantity more services are delivered
services are available at any time, from anywhere
and from several devices
services are delivered in an integrated way
according to the logic of the customer
in terms of speed the services are delivered in
less time
benefits can be allocated quicker because
information is available faster
waiting and travel time is reduced
companies and citizens can directly interact with
the competent actors in the social sector with
real time feedback

32
Advantages

gains in effectiveness better social protection
in terms of quality same services at same total
cost in same time, but to a higher quality
standard
in terms of type of services new types of
services, e.g.
push system automated granting of benefits
active search of non-take-up using
datawarehousing techniques
controlled management of own personal information
personalized simulation environments
better support of social policy
more efficient combating of fraud

33
Critical success factors

common vision on electronic service delivery
amongst all actors
support of and access to policymakers at the
highest level
trust of all stakeholders
electronic service delivery as a structural
reform process
process re-engineering within and across actors
back-office integration for unique information
collection, re-use of information and automatic
granting of services
integrated and personalized front-office service
delivery
focus on more efficient and effective service
delivery, and on cost control

34
Critical success factors

appropriate balance between efficiency on the one
hand and privacy and security on the other
respect for legal allocation of competences
between actors
co-operation between all actors concerned based
on distribution of tasks rather than
centralization of tasks
quick wins combined with long term vision
technical and semantic interoperability
legal framework
adaptability to an ever changing societal and
legal environment
creation of an institution that stimulates and
co-ordinates

35
Critical success factors

need for radical cultural change within
government, e.g.
from hierarchy to participation and team work
meeting the needs of the customer, not the
government
empowering rather than serving
rewarding entrepreneurship within government
ex post evaluation on output, not ex ante control
of every input

36
United Nations Public Service Award
37
Structure of the presentation

existing electronic cooperation in the social
sector
the problem
the solution
basic principles
advantages
towards an electronic cooperation in the health
care sector, based on the experience of the
social sector
objectives
useful building blocks
Be-Health platform

38
Objectives

to optimize the quality and the continuity of the
health care delivery system and the patients
safety
to avoid unnecessary bureaucracy for the health
care providers
quality support of the health care policy
through a well organized electronic information
exchange between all parties associated with the
health care delivery system
with the necessary guarantees for the information
security and the protection of the privacy

39
Useful building blocks

general use of a patient identification number
minimal content of health care files that can be
communicated electronically
permanent availability and accessibility of the
minimal electronically communicable content of
health care files
standardized content, format and methods for the
exchange of electronic care prescriptions
sectoral committee of the Commission for the
protection of privacy (CPP)
user and access management

40
Useful building blocks

secured platform for the electronic exchange of
information about patients, provided care and the
results of the provided care, and for the
exchange of electronic care prescriptions between
all parties associated with the health care
delivery system
network
basic services
exchange standards
access channels for the users
independent organization for the management of
the exchange platform
appropriate legal framework

41
Patient identification number

either social security identification number
(SSIN)
or identification number irreversibly derived
from the social security identification number by
means of an algorithm available with each health
care provider, that will be specified for
instance by the Security study group of the
Commission for Telematics Standards in relation
to the Health Sector
either unique for each patient and used by all
health care providers and institutions
or unique for each patient and used by one health
care provider / institution with a possibility of
conversion between patient identification numbers
of the different health care providers /
institutions by the independent organization that
manages the exchange platform (see hereafter)

42
Patient identification number

encoding or anonymization of information when the
identification of the patient through the patient
identification number is no longer necessary
on the occasion of the Royal Decree on the Cancer
register, the CPP has already given a positive
advice with regard to the method for the
irreversible derivation of a patient
identification number from the social security
identification number

43
Minimal communicable content health care file

agreements on the minimal content of a health
care file that can be communicated electronically
information about the patient
information on the provided care
information on the results of the provided care
no monopoly or recognition of software products
but incentives for health care providers /
institutions to keep electronic health care files
with minimal communicable content and to make
them permanently electronically available for
authorized persons

44
Accessibility health care file

minimal communicable content of health care files
must be electronically available and accessible
at all times for the authorized persons
either with the health care provider himself
or with a subcontractor chosen by the health care
provider
health care institution
cooperation between health care providers
independent institution that manages the exchange
platform
with the necessary back-up services

45
Electronic care prescriptions

standardized content and electronic format of the
different types of care prescriptions
methods for the creation of electronic care
prescriptions with a minimum of bureaucracy
methods for the electronic exchange of care
prescriptions
guaranteed free choice of the care provider by
the patient
incentives for care providers / institutions to
create and exchange electronic care prescriptions

46
Sectoral committee

composed of
representatives of the CPP
independent experts in social security and health
care appointed by the Chamber of Deputies
tasks
to give authorizations for the (electronic)
exchange of personal social data and personal
health data in cases not regulated by the law
to determine the organization and policies with
regard to information security for the processing
of personal social data and personal health data
to give advices and recommendations with regard
to information security for the processing of
personal social data and personal health data
to investigate complaints on violation of the
information security during the processing of
personal social data and personal health data

47
User and access management

guarantee that only authorized health care
providers / institutions get access
to the personal information they are authorized
to according to the law or to the authorizations
granted by the Sectoral committee
concerning patients whose personal information
they need for the health care providing process

48
User and access management

authentication of the identity of the health care
provider, for instance through his electronic
identity card
on-line verification of the status of the health
care provider through an electronic consultation
of the authentic data base(s) of the health care
providers
on-line verification of the mandates of the user
to act on behalf of a health care provider /
institution through the electronic consultation
of the authentic data base(s) containing the
mandates

49
User and access management

authentication of the patients identity through
his electronic identity card or his SIS card,
except
if a fixed care relation between the health care
provider / institution and the patient has been
registered (see hereafter, reference directory)
in cases of emergency
management of access authorizations with
following specifications
which health care provider / institution /
application
with which status
can have access in which situation
to which type of data
concerning which patients
and regarding which period

50
Reference directory

content
mentions for each patient, identified through his
patient identification number, the places where a
specific type of electronic information is
available about the patient, the provided care
and the results of the provided care
on the one hand, table with fixed care relations
between health care providers and their patients,
the nature of the relation, the begin date and
end date of the relation
on the other hand, a table with the places where
without a fixed care relation there is electronic
information available about the different
patients, possibly through a stepped system
(general reference directory refers to specific
reference directories for each group of health
care providers or each health care institution)
no personal information !!!

51
Reference directory

functions
preventive control on the legitimacy of the
access to the information regarding a patient
routing of information requests to the places
where the information about the patient is
available
possibility of an automatic communication of
information to certain care providers

52
User and access management

access authorizations are provided by the
Sectoral committee, unless they result from a law
conformity of a concrete access request with the
access authorizations is preventively validated
by the independent institution that manages the
exchange platform
all accesses are subject to an electronic logging
on the user level so that the legitimacy of the
access can be verified afterwards (only
who-what-when, no content)
access to the loggings is strictly protected

53
Network and exchange standards

use of the existing network infrastructure
(internet, social security extranet, FedMAN, ...)
with end-to-end encryption of the information
(concept of virtual private networks (VPN))
exchange based as much as possible on structured
electronic messages from application to
application
exchange based as much as possible on open
standards or at least open specifications
orchestration of the data exchange by the
independent organization that manages the
exchange platform

54
Access channels for the users

several devices
PC and laptop
PDA
cell phone
maximal integrated access to the information
regardless of the information source
with at least one free and generally accessible
application for the integrated access to the
information

55
Independent management organization

preferably one management organization,
administered by
various types of health care providers /
institutions
health insurance funds as representatives of the
patients
public institutions responsible for the
organization of the health care (insurance)
tasks
to develop and manage the secure exchange
platform choice of the infrastructure,
definition of standards and specifications, ...
to offer access channels for the users
to organize an operational system of user and
access management
to manage the reference directory

56
Independent management organization

tasks
to coordinate the development of processes for
the electronic data exchange between the users of
the exchange platform
to orchestrate the electronic information
exchange between the users of the exchange
platform
possibly, to convert the patient identification
numbers between health care providers /
institutions
proactive policy to avoid illegitimate access to
personal information, e.g. through
preventive control of the legitimacy of the
access to personal information
keeping and analyzing loggings of the exchange of
personal information (only who-what-when)
helpdesk

57
Appropriate legal framework

possibility or obligation to use patient
identification number
method for determining the minimal electronically
communicable content of health care files
incentives and gradual obligation of permanent
electronic availability of the minimal
electronically communicable content of the health
care file and the electronic exchange of care
prescriptions
obligation to update the reference directory
probative value of electronic prescriptions and
electronic data exchanges

58
Appropriate legal framework

creation of the organization for the management
of the secure exchange platform and decision on
the composition and the missions of the
management organization
creation of Sectoral committee within the CPP and
decision on the composition and competences

59
Critical success factors

cooperation between all parties concerned by the
health care delivery system, based on a division
of tasks rather than a centralization of tasks
trust of all stakeholders in the preservation of
the necessary autonomy and the security of the
system
firstly the development of the exchange platform
and the creation of the necessary institutions
(management organization for exchange platform,
Sectoral committee, ...) and then further
elaboration of processes between these
institutions
quick wins in combination with a long term vision
legal framework

60
Be-Health platform
Patients and care providers
Portal SS
SVA
SVA
SVA
AVS
Portal RIZIV
PortalBeHealth
MyCareNet
SVA
SVA
SVA
AVS
SVA
SVA
SVA
AVS
Users
Platform with basic services
VAS
VAS
VAS
VAS
VAS
VAS
Suppliers
61
Be-Health platform

basic service
a service that has been developed and made
available by Be-Health and that can be used by
the supplier of an added value service
added value service (AVS)
a service put at the disposal of the patients
and/or the health care providers
the entity that develops and offers an added
value service can use the basic services offered
by Be-Health for this purpose
validated authentic source (VAS)
a database containing information used by
Be-Health
the administrator of the database is responsible
for the availability and (the organization of)
the quality of the information made available

62
Available basic services

network, based on existing infrastructure
(internet, carenet, social security extranet,
FedMAN, ...)
portal environment (https//www.behealth.be),
including
a content management system
a search engine
personal electronic mailbox for each care
provider
integrated user and access management
logging management

63
Portal
64
Portal
65
User and access management

authentication of the identity according to the
required security level
electronic identity card
user number, password and citizen token
user number and password
verification of statuses and mandates access to
validated authentic sources
authorization to use an added value service
management by service supplier
elaborated on the basis of a generic policy
enforcement model

66
Policy Enforcement Model
67
Policy Enforcement Point (PEP)

intercepts the request for authorization with all
available information about the user, the
requested action, the resources and the
environment
passes on the request for authorization to the
Policy Decision Point (PDP) and extracts a
decision regarding authorization
grants access to the application and provides
relevant credentials

Action
on
Action
application
Policy
on
DENIED
application
User
Enforcement
Application
PERMITTED
(
PEP
)
Action
on
application
Decision
Decision
request
reply
Policy
Decision
(
PDP
)
68
Policy Decision Point (PDP)

based on the request for authorization received,
retrieves the appropriate authorization policy
from the Policy Administration Point(s) (PAP)
evaluates the policy and, if necessary, retrieves
the relevant information from the Policy
Information Point(s) (PIP)
takes the authorization decision (permit/deny/not
applicable) and sends it to the PEP

Policy
Enforcement
(
PEP
)
Decision
Decision
request
reply
Information
Request
/
Policy
Policy
Reply
retrieval
Decision
(
PDP
)
Informatie
Vraag /
Antwoord
Policy Information
Policy Administration
Policy Information
(
PAP
)
(
PIP
)
(
PIP
)
69
Policy Administration Point (PAP)

environment to store and manage authorization
policies by authorised person(s) appointed by the
application managers
puts authorization policies at the disposal of
the PDP

Authorization
Policy
management
retrieval
PDP
PAP
Manager
Policy
repository
70
Policy Information Point (PIP)

puts information at the disposal of the PDP in
order to evaluate authorization policies
(authentic sources with characteristics,
mandates, etc.)

Information
Request /
Reply
PDP
Information
Request /
Reply
PIP
1
PIP
2
Authentic source
Authentic source
71
Architecture
Non social FPS (Fedict)
Be-Health
Social sector (CBSS)
USER
USER
USER
APPLICATIONS
APPLICATIONS
APPLICATIONS
Authorisation
Authen
-
Authorisation
Authen
-
Authorisation
Authen
-
tication
tication
tication
PEP
PEP
PEP
WebApp
WebApp
Role
Role
Role
XYZ
XYZ
Mapper
Mapper
Mapper
Role
Role
Mapper
Mapper
DB
DB
PDP
Role
PAP
PDP
Role
PAP
PAP
Provider
Role
Provider
Role
Kephas
Kephas
Kephas
DB
Provider
DB
Provider
PIP
PIP
PIP
PIP
PIP
PIP
Attribute
Attribute
Attribute
Attribute
Attribute
Attribute
Provider
Provider
Provider
Provider
Provider
Provider
Provider
Management
DB
DB
Management
Gerechts- deurwaar- ders
DB
DB
DB
DB
UMAF
XYZ
XYZ
XYZ
VAS
Mandaten
Mandaten
VAS
72
Validated authentic sources

register of health care providers
administrator FPS Public Health
contains information about the diploma and the
specialization of a health care provider
identified through his social security
identification number (SSIN)
database with recognitions of the National
Institute for Sickness and Invalidity Insurance
(RIZIV)
administrator RIZIV
contains information about the RIZIV recognition
of health care providers identified through their
SSIN
database with persons authorized to act on behalf
of a health care institution
administrator NOSS (division user management
for companies)
contains information about which persons,
identified through their SSIN, are authorized to
use which applications on behalf of a health care
institution

73
Principle of circles of trust"

aim
to avoid unnecessary centralization
to avoid unnecessary threats to the protection of
the privacy
to avoid multiple similar controls and
registration of loggings
method division of tasks between the entities
associated with the electronic service, including
clear agreements on
who is in charge of which authentications,
verifications and controls by which means and who
is responsible for this
how the results of the authentications,
verifications and controls can be safely
exchanged electronically between the entities
concerned
who keeps which loggings
how to ensure that in case of an investigation,
on ones own initiative or in response to a
complaint, a complete tracing can be realized in
order to know which natural person has used which
service or transaction concerning which citizen
or company, when, through which channel and for
which purposes

74
Examples of added value services

third party billing
Medic-e
input in cancer register
Medattest
support of electronic care prescription in
hospitals
electronic registration of birth

75
Third party billing

supplier National College of Sickness Funds
users nurses, their groupings and
representatives
functionality send the third party billings
electronically to the sickness funds
basic services used
identification and authentication of the identity
of the user (eID or user number-password-citizen
token)
verification of the status of nurse with RIZIV
recognition
verification of the mandate
electronic mailbox (publication of documents)
logging

76
Medic-e

supplier FPS Social Security
users medical doctors who evaluate medical
handicapped persons
functionality enter the evaluation of
handicapped persons electronically into the
information system of the FPS Social Security
basic services used
identification and authentication of the identity
of the user (eID or user number-password-citizen
token)
verification of the status of medical doctor with
RIZIV recognition
electronic mailbox (publication of documents)
logging

77
Input in cancer register

supplier Cancer Register
users oncologists in health care institutions
and labs
functionality electronic input of information
into the cancer register and access to the
registered information
basic services used
identification and authentication of the identity
of the user (eID)
verification of the status of medical doctor with
RIZIV recognition
electronic mailbox (publication of documents)
logging

78
Medattest

supplier RIZIV
users medical doctors, dentists,
kinesthesiologists, nurses, speech therapists,
orthopedists, health care institutions and their
mandataries
functionality on-line order of care prescription
formulars
basic services used
identification and authentication of the identity
of the user (eID or user number-password-citizen
token)
verification of the status of users
verification of the mandate
logging

79
Electronic care prescription in health care
institutions

analysis of required functionalities
functionalities before a prescription can be
processed
authentication of the identity of the person who
writes the prescription
verification of the status of the person who
writes the prescription
system to ensure that the prescription cannot be
modified unnoticeably after applying the methods
to guarantee the integrity and the electronic
time stamping
authentication of the identity, verification of
the status of the person who has written the
prescription, guaranteeing the integrity and
electronic date for each individual prescription
the time necessary for authenticating the
identity, verifying the status and guaranteeing
the integrity must not exceed ¼ of a second per
prescription
a person that writes prescriptions must be able
to switch between prescription places without
overhead
local validation that the prescription has not
been modified after applying the methods to
guarantee the integrity and the electronic time
stamping

80
Electronic care prescription in health care
institutions

analysis of required functionalities
functionalities during the processing of the
prescription
the electronic time stamping must be requested
immediately after applying the method to
guarantee the integrity and must be placed within
30 seconds after the request
organizational requirements
velocity of replacing an authentication tool when
useless
traceability of who has done which processing at
which moment for the creation of a prescription
(must be kept during a certain period)
traceability of the content and of the exact date
and time of each request and processing of a
request to revoke an authentication tool
point of special interest
avoid that care institutions have to work with
different systems for the authentication of the
identity, the verification of the status, the
guarantee of the integrity of documents,
electronic time stamping, for different types
of processes

81
Electronic care prescription in health care
institutions

possible solution
the authentication of the identity and the
verification of the status are performed on the
local level using at least a user-id, a password
and something one possesses, on condition that
each person that writes prescriptions signs a
document that stipulates that he is responsible
for everything that is authenticated in terms of
identity and status through his user id, his
password and the possessed element
the prescriptions are hashed
the hashing results (not the content of the
prescription itself !) receive an electronic time
stamp from Be-Health
clear organizational rules concerning the
management of user-ids, passwords and the
possessed elements, based on the results of
Elodis, are incorporated in an royal decree in
implementation of article 21 of the royal decree
n 78
a regulation is being elaborated that indicates
under which conditions postscriptions are possible

82
Legal framework for the creation of Be-Health

article 4 of the Law of 27 December 2006
including several provisions
Within the Federal Public Service Public
Health, Food Safety and Environment, a public
service in charge of the management of the
electronic service platform for the exchange of
health care data is created, named Be-Health,
with a separate management as referred to in
article 140 of the Government Account Acts,
coordinated on 17 July 1991.
The King determines, after a decree deliberated
in the Council of Ministers, the missions and
further rules for the management and the working
of this public service with a separate
management.

83
Proposition of mission

the elaboration of and the supervision of the
compliance with a vision and a strategy for the
supply of electronic services in the health care
sector, in close consultation with the various
public and private actors of this sector
the elaboration of and the supervision of the
compliance with the necessary norms, standards
and basic architecture for an efficient use of
ICT to support this strategy
the elaboration, as part as a common strategy, of
basic services for the potential support of the
actors in the public health sector, e.g.
an interoperability framework for secure
electronic data exchange
the necessary basic services to support this
electronic data exchange, like a system of user
and access management, a system for the
organization and logging of electronic data
exchanges or a system for the electronic access
to data
the management of the cooperation with other
public entities in charge of the coordination of
electronic services