Re: [Gnumed-devel] [Fwd: SC-Corporate-ID released]

[Tim Churches]

J Busser wrote:

> At 7:32 AM +1000 5/7/05, Tim Churches wrote:
>
> > Something like this could be of interest to future GNUmed 
> > implementations.
> > Tim C
> >
> > SC-Corporate-ID is a commercial Smart Card security system that can be
> > extended by the user using the Python language... <SNIP>
> > You may find information on SC-Corporate-ID at www.snakecard.com.
>
>
> Tim, how were you envisioning this used? What would you see as the 
> most pressing deployment of a Smart Card?
>
> There is on the one hand the obvious authentication of doctors' and 
> office staff's access, maybe from within the office, but more likely 
> when accessing from outside. Though I am not sure how the costs of a 
> card + card reader system would compare to a USB key or dongle, I 
> suppose the Smart Card fits nicely in a wallet, but then you require a 
> reader on whatever PC you are going to use. 

That's the use I had in mind, but I only mentioned it because, uniquely, 
this company has created their interface suite for the card with Python 
and wxPython.

> Would the SmartCard have enough capacity to hold each of Windows and 
> Linux GNUmed client softwares and dependencies? And with this 
> SnakeCard solution is there a requirement for extra software 
> pre-installed on whichever PC you are going to access from?

No, not enough to hold teh software, and yes, you need their Python 
interface library on each machine to which a smartcard reader is connecetd.

> What deployment of a SmartCard could GNUmed pursue, that might excite 
> a government to support further adoption and deployment?

Apart from using it for stronger authentication of GNUmed users 
(smartcard plus password) - which is unlikely to excite govt - it could 
be used to allow the patient to carry away an encrypted copy of their 
own data, able to be read by other GNUmed installations. The advanatge 
is that the API to this SnakeCard is all in Python, which should make it 
vastly easier to work with than other card solutions.

> If you could download a patient's EMR dump from GNUmed onto a 
> patient's Smart Card, would the Emergency room or specialist's office 
> need more than a card reader (and the patient's password) to read the 
> file?

I think they may need "adaptor" software too.

> And if a patient were to have failed to update their SmartCard at 
> their last office visit, would this be the means by which, from the 
> Emergency room or specialist's office, the profile (dump) could be 
> updated remotely? Maybe it would also be the means by which patients 
> who went to the trouble of having a reader at home could authenticate 
> a connection to their doctor's GNUmed to update their contact or other 
> 'self-manageable" info and perhaps request appointments or make other 
> requests?

Yeah. Actually I am not a fan of patient-carried smartcards, for those 
and other reasons. But many people are, so if GNUmed ever needs a 
smartcard solution, here's a Pythonic one. That's all. But forget it for 
now. Sorry for the distratcion.

Tim C