Title: What is a Smartcard and why do I need one
1- What is a Smartcard and why do I need one?
- A guide for
- Healthcare Professionals
16 February 2005
2What is a smartcard?..
- A Smartcard is like a Chip and Pin credit or
debit card which holds your unique ID which when
connected to the National network, will provide
secure access to the NPfIT applications assigned
to you in accordance with your role and access
requirements. -
- The smartcard when inserted into the reader
device, attached to the organisations IT
Network, will provide secure access to the NPfIT
applications which you need in order to perform
your assigned role.
3Why do I need a card?..
- In order to comply with Data Protection
Legislation and National Governance, ALL
Healthcare Professionals who require access to
National Programme Systems will need an
individual and unique smartcard to access the
systems - This is required to ensure and maintain security
of all patient data which is held nationally - It protects patients data and confidentiality
- It provides appropriate access to the key staff
who require access to the data to care for
patients/clients appropriately and effectively - It maintains a full audit trail of staff
accessing records and data
4How do I get a card?..
- All Healthcare Professionals who require access
to National Programme Applications must apply for
registration using an RA01 form - A Registration Authority (RA) Sponsor assigned
within an organisation by the Executive, will
undertake 2 activities in the registration
process - They will be required to complete an RA01 form
with you, providing details of your profile and
assigning you to the organisation/s and Role/s
along with those business functions you will need
within the applications to perform your agreed
role - A Sponsor may verify your identity, provided they
can verify you have worked continuously for the
organisation for the last 2 years HR may be
asked to verify this in certain cases - If the sponsor/ HR cannot verify you have worked
for the organisation for the last 2 years,
extended proof of your identity as described in
the RA National/Local policy will be required at
point of registration with an RA Manager or Agent - An RA Manager or RA Agent appointed by the
Organisations Executive, will register users and
provide the user with a smartcard - RA Manager or Agent and Sponsor (if identity has
not been verified), will meet with you face to
face with the necessary RA01 form - Proof of ID documents will be required in order
to register you with your photo ID Smartcard,
passcodes and provide brief instructions on usage
5The registration process
6Registration is a 3-Stage Process
Validate Documents and RA01 Form
1
User is registered in the SUD
2
User is issued with a Smart Card in CMS
3
7Stage 1 Validation User Registration in the SUD
?
Validate Documents and RA01 Form
1
?
?
8Stage Two User Registration User Registration
in the SUD
User is registered in the SUD
2
9CMS Issuing the CardCard Management System
User is issued with a Smart Card in CMS
3
Import Person and Issue Card
1
10The user login experience
Insert SmartCard into Card Reader
Authentication Confirmed
Set Session Role
Start Relevant User Application
Enter PIN
11Smartcard Security Users Responsibilities
- Ensure Smart card is kept secure (as you would a
credit card) - Do not permit access to other users using your
smartcard and pin - Do not log in and allow other users access
- Do not leave Smartcard unattended or left in the
smart card reader - Lost or Stolen Smartcards should be reported to
the Organisations Registration Authority Manager/
Agent - Notify Organisations RA Manager/ Agent if you
have left the organisation, or are changing
department or role