 |
Return to detail page at www.hitsp.org | HITSP/C26 |
| Prev TOC Next |
| HOME | ABOUT | MEMBERSHIP | NEWS & ANNOUNCEMENTS | MEETINGS | FAQ | CONTACT US | | Powered by American National Standards Institute |
|
Return to detail page at www.hitsp.org | HITSP/C26 |
| Prev TOC Next |
The scope of the HITSP/C26 Nonrepudiation of Origin provides the mechanisms to support Nonrepudiation of Origin, which refers to both the proof of the integrity and origin of documents in a high-assurance manner which can be verified by any party. This Component does not provide Nonrepudiation of Receipt.
According to Section 7.3.1.1 of ASTM E1762-95 (2003) Standard Guide for Electronic Authentication of Health Care Information, Nonrepudiation is defined as proof that only the signer could have created a signature. Nonrepudiation cannot be ensured until the completion of the applicable dispute resolution process. This process may be influenced by agreements between the signer and verifier (for example, trading partner agreements or system rules), and such agreements would implicate the appropriate technologies that could be used to provide electronic signatures.
ASTM E1762-95 (2003) also defines three levels of assurance (low, medium, and high) for nonrepudiation. Low and medium levels of assurance do not require the use of digital signatures but may rely on a combination of audit log, integrity control, and access controls. Low and medium levels of assurance can be achieved by using the core set of HITSP security constructs (HITSP/T15 Collect and Communicate Security Audit Trail, HITSP/T16 Consistent Time, HITSP/T17 Secured Communication Channel, and HITSP/TP20 Access Control).
COPYRIGHT NOTICE
2009 ANSI. This material may be copied without permission from ANSI only if and to the extent that the text is not altered in any fashion and ANSIs copyright is clearly noted.
This section provides a list of key reference documents and background material.
A list of key reference documents and background material is provided in the table below. These documents can be retrieved from www.hitsp.org.
Table 1-1 Reference Documents
|
Reference Document |
Document Description |
|
Lists and defines the acronyms used in this document |
|
|
Provides definitions for relevant terms used by HITSP documents |
|
|
TN900 is a reference document that provides the overall context for use of the HITSP Security and Privacy constructs |
In order to claim conformance to this construct specification, an implementation must satisfy all the requirements and mandatory statements listed in this specification, the associated HITSP Interoperability Specification, its associated construct specifications, as well as conformance criteria from the selected base and composite standards. A conformant system must also implement all of the required interfaces within the scope, subset or implementation option that is selected from the associated Interoperability Specification.
Claims of conformance may only be made for the overall HITSP Interoperability Specification or Capability with which this construct is associated.
A HITSP Interoperability Specification must be implemented in its entirety for an implementation to claim conformance to the specification. HITSP may define the permissibility for actor scoping, subsetting or implementation options by which the specification may be implemented in a limited manner. Such scoping, subsetting and options may extend to associated constructs, such as this construct. This construct must implement all requirements within the selected scope, subset or options as defined in the associated Interoperability Specification to claim conformance.
|
Return to detail page at www.hitsp.org | HITSP/C26 |
| Prev TOC Next |