Smart Cards for Future Healthcare Systems
Secure, efficient, reliable

Card-based e-health networks: cutting costs and improving care
All around the world, news­ paper headlines warn about the exploding costs of health­ care. Advanced medicines and technology are boosting life expectancy. As a result, people can now look forward to living past the age of 80 – twice as long as 100 years ago. This trend, however, has the side effect of driving up healthcare costs. As people get older, they need more frequent and more expensive care, causing the price of insurance to skyrocket. Clearly, something needs to be done to contain these costs. A number of countries have implemented conventional measures aimed at saving money. One of the most basic measures is the introduction of card­based e­health net­ works, which can help reduce costs remarkably. Card for physicians and phar­ macists, and a Card Application Management System (CAMS). Patient Data Card The Patient Data Card is a PIN­protected smart card incor­ porating a microprocessor and protected by cryptographic functions. It contains adminis­ trative insurance information and entitles patients to seek medical treatment. In turn, the patients give their doctors access to their personal medical data, which is stored either on the card or in the e­health network. The card can also hold information such as elec­ tronic prescriptions.

How to cut healthcare costs
1. Reduce fraud 2. Streamline administration 3. Improve communication 4. Enhance quality

Every project carried out by Giesecke & Devrient (G&D) has shown that efficient card­ based e­health networks have three main components: a Patient Data Card for the in­ sured, the Health Professional

2

Health Professional Card The Health Professional Card is a person­specific ID with a picture used by physicians and pharmacists. Like a key, it allows the holder to “unlock” patient data stored on the card and/or in the e­health network. It comes with an electronic signature for use on electronic documents such as e­prescriptions. Card Application Management System (CAMS) It takes a powerful e­health network to introduce a health­ care insurance card system. Naturally, this platform includes physical components such as cards, kiosks, card readers, and computer servers. However, it also contains a card applica­ tion management system to monitor the cards as they are being used and their contents updated.

G&D’s CAMS provides issuers with end­to­end lifecycle management for the cards – from initial data collection and personalization to cancellation at the end of the lifecycle. It supports patient data updates, card renewal, and the upload­ ing of new applications using an online connection over a high­performance network. Using one system to manage these tasks for millions of card­ holders keeps costs down.

G&D’s CAMS consists of the following modules
• Card management system • Data preparation • Application management • Post­issuance personalization • Key management

3

Tailored approaches for local requirements
Card issuers may also add optional applications, such as emergency data, health records, electronic signature, or bonus programs. Germany’s e­health card project is being managed primarily by a commercial enterprise established by leading health­ care industry organizations. Together, they are working to successfully roll out more than 72 million Patient Data Cards. Benefits of Germany’s new system: • Considerable reduction in fraud, thanks to the inclusion of a photo and online verifi­ cation of the card’s validity. • Improved communication and information­sharing by eliminating media disconti­ nuity in prescriptions. Germany In 2006, the German Parlia­ ment passed healthcare modernization legislation that required the introduction of Patient Data and Health Professional Cards. The law defines the electronic Patient Data Card in detail: it contains a photo of the insured person printed on the front, the holder’s basic data (printed on the surface and stored in more detail on the chip), and on the reverse side, the man­ datory information according to the European Health Insur­ ance Card (EHIC). • Decreased occurrence of adverse medical interactions by providing medication history. Expected to save more than 500 million euros annually and cut down on the number of accidental deaths resulting from cross­ over reactions. • Reduction of administration costs e.g. by automatically updating copayment status information.

4

The dangers of medication crossover reactions
Clinical drug tests usually focus on the medicines themselves. In the field, however, drugs might be taken in combination with other medications. If the drugs react with one another – a “crossover reac­ tion” – they could produce unde­ sirable side effects. International studies have concluded that more than 500 million euros could be saved annually by introducing a detection and warning system for crossover reactions.

The card´s operating system and memory will make it easy to upload applications in the field later on. Detection of medication crossover reactions will be incorporated for several test regions. To unleash its full potential, the card must be connected online to a back­ ground system. Switzerland G&D has been supplying Swiss Post with chip modules for Switzerland’s health insur­ ance cards since the start of 2010. System architecture and application scenarios in a PKI environment have been key focal points here. The total project volume is seven million cards, issued over a seven­year period. Products and solutions devel­ oped by G&D for the German healthcare market formed the basis of this project, ena­ bling smooth and rapid imple­ mentation. These included the smartcard itself, the card application management soft­ ware (CAMS), and essential

Austria The Main Association of the Austrian Social Insurance Institutions introduced a healthcare smart card dubbed the “e­card”. G&D won the contract for the entire project: design, development, issue, and introduction of the per­ sonalization and lettershop system for all chip cards with a minimum service life of 7 years. G&D produced and shipped 8.4 million Patient Data Cards for the insured and 30,000 Health Professional Cards within a period of 6 months. Rolled out from 2010 on­ wards, these cards belong to the third e­card generation. The e­card can generate elec­ tronic signatures and be used as citizen ID card.

software components for PCs (middleware). The chip modules were used in their certified form as ap­ proved by the German Digital Signature Act (SigG/SigV).

5

G&D helps find the right solution for card-based e-health networks
As these examples show, there is no one­size­fits­all solution. Each approach is very different and must be adapted to local requirements. As a capable partner with extensive experi­ ence in the e­health network sector, G&D can execute largescale projects from start to finish. We provide initial consultations to identify the ideal design with you. G&D can provide a turnkey solution as the general contractor, handle ongoing system oper­ ations as an outsourcing part­ ner, or supply components as a vendor.

System architecture of a card-based e-health network

Doctor’s office

Secure health network

Healthcare provider
Issue

Pharmacy

Status inquiry, directory services, card database Security transaction and other services

Status inquiry • E-prescription • Medication log • Referral letters • Electronic patient health record

Health Professional Card

Certificate authority

Health insurer
Issue

Hospital
Patient Data Card Card Application Management System

6

Giesecke & Devrient GmbH Prinzregentenstrasse 159 P.O. Box 80 07 29 81607 Munich GERMANY
RDN 11/11 E 1000 Art.­Nr. 2886240

Phone: +49 (0) 89 4119-18 37 Fax: +49 (0) 89 4119-27 78 health@gi-de.com www.gi-de.com

© Giesecke & Devrient GmbH, 2011 All technical data subject to change without notice.G&D/GAO patents.