Medical Records

[Adam Shostack]

	It seems that they use signatures & hashes; nice work, a good
advance for medical records storage, but I'd ask how keys are managed,
and also what prevents me exploiting the 'hash-only' mode of sending
in what I'm cliaming to be is an emergency.  (Not that these
invalidate the system; they're just interesting areas to work on.)

E. ALLEN SMITH wrote:

|    "We have to make sure that the digital information and images are not
|    altered accidentally or surreptitiously," Wong said. "In addition,
|    x-rays and other imaging studies are part of the patient's medical
|    record and must be protected from unauthorized access."
|    
|    The system uses mathematical formulas or codes to scramble the images
|    through encryption. It involves a "two-key" system -- one code enables
|    public access but a second, private code is required to unscramble the
|    information.
|    
|    The private code, known only to the individual to whom the information
|    is transmitted, is 1,024 computer bits long, Wong said.
|    
|    In emergencies where fast transmission is needed, the unscrambled
|    image is transmitted with a digital "fingerprint," a smaller code that
|    assures the intended viewer that no one has altered the original
|    image.


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume