Digital identities are with us every day. The technical possibilities are very diverse. How can digital identities enable secure identification for eGovernment and eHealth on the one hand and guarantee privacy protection on the other? Digital identities enable access to the digital society. They represent persons, organisations and objects in the digital world and are used in more and more areas of life. Each of us thus has – consciously or unconsciously – digital representations of our person for various purposes. Be it the Cumulus card from Migros, the SwissPass from the SBB or the SIM card in a mobile device, all these digital identities accompany us every day. Digital identities are very diverse. From a technical point of view, the spectrum ranges from user name/password combinations and smart cards to biometric means of identification and hardware-based certificates such as SuisseID. What characteristics should a digital identity have? A digital identity should be useful. It is a tool to be able to perform certain functionalities in the digital world. For example, with a digital identity you can prove who you are and thus use certain online services. You can digitally sign documents or data – analogous to a handwritten signature. With other, more passive identities, you can collect benefits from bonus programmes or use other real-world services, such as public transport. For some applications in the digital world, such as eGovernment, you have to be sure who is behind a digital identity. Identities, such as SuisseID, can be used as a digital ID. To do this, the identities used must be secure and trustworthy. With an identity based on a SuisseID, you can be 100% sure that you are dealing with the corresponding person. Trust in SuisseID is based on the one hand on a certified registration process, where you have to be present in person, and on the other hand on the security of the technologies used. For example, a hardware token, the SuisseID stick, prevents the SuisseID identity from being stolen. Only those who have the stick and the matching PIN can use the SuisseID. This is referred to as 2-factor authentication. A state-recognised electronic identity enjoys the highest level of trust. Here, the state assumes responsibility for registration, which is usually linked to the application for an identity document, for example an identity card or passport. But the high level of trust and security of a digital identity comes at a price: higher costs as well as complicated handling and an elaborate registration process. This usually results in poor user acceptance. Therefore, user-friendliness should always be weighed against security requirements when using digital identities. For example, a high level of security can be dispensed with for an online subscription to a daily newspaper, as the potential for damage is low. Privacy must be protected The data collection frenzy of some service providers on the Internet and various hacker attacks on customer data in recent months have strengthened the desire to protect privacy and anonymity. Particularly as it is now very difficult, and in some cases almost impossible, to remove data from the digital world once it has been disclosed. A good digital identity therefore also makes it possible to move anonymously or pseudonymously in the digital world. With these methods, the true identity of a person is hidden and only the characteristics that are essential for the use of a service, such as age, are revealed. This makes it possible to control access to inappropriate content for minors without knowing their name or gender. The disclosure of the identity (or parts of it) or the preservation of anonymity thus remains a decision of the person himself. A digital identity is not enough The various possible properties of digital identities make it clear that several identities are needed for the different areas of application. In eGovernment and also in eHealth, it is important to identify citizens and patients unambiguously in order to avoid confusion. Only a state-recognised digital identity or identities at a similarly high level of trust, such as SuisseID or the planned insurance card, which also has a unique identifier, make this possible. In other areas, where the potential for damage is lower, one can also use simpler electronic identities, such as those provided by Google or Facebook. These free identities are mostly based on self-registration with email or SMS confirmation. The personal attributes provided are mostly self-declared. Here, users and server providers alike should be aware of the dangers and risks.
Tag Archive for: e-Health
Public authorities make data available for secondary use as public sector information, (accessible) apps can use these and thus create added value. This paper focuses on requirements for the usability of a blind app for orientation in cities as well as requirements for the data. In addition to the widely used Points of Information, Points of Orientation and a supporting architecture are discussed, which are available for use as Open Government Data or in a crowd-based approach. Within the framework of a joint project, the implementation of a functional app using a sustainable data platform is planned. Public authorities collect, collate, produce and use data of all kinds, for example demographic, economic, geographical and meteorological data. This public sector information (PSI) can generate significant added value for services and products with the help of ICT. An OECD study (cf. 1) shows positive effects for economic, social and cultural areas of life, among others. In the meantime, portals for the provision of Open Government Data (OGD) have been established at various state and municipal levels (above all in the USA and the UK). There are numerous applications in the form of websites or apps. This article focuses on navigation systems for blind people and people with visual impairments. Corresponding GPS-based apps are widespread, for example myway (cf. 2) from the Swiss Association for the Blind or blindsquare.com. What these applications have in common is that they use information on points of interest (POI), for example from OpenStreetMap, and achieve great acceptance in combination with voice output and barrier-free operation. Crowd-sourcing approaches and the input of own POIs enable improved and individualised navigation. Improved orientation for the blind For the orientation of blind people, the usual standard (voice) output about intersections, junctions, etc. is not sufficient, as the surroundings cannot be perceived visually. Navigation systems for the blind offer additional information about the immediate surroundings, for example reading out routes to the next POI depending on the desired direction, the so-called turn-by-turn route guidance. In a comparison of five widely used iOS navigation apps (cf. 3), further functionalities are listed, including a “where am I?” function, a “route left” warning, a route recording and the possibility to create own POIs. Since the type and density of POIs depend on existing data sources, the quality of the orientation and navigation services varies. The additional use of OGD seems to be promising, since in cities, for example, information about fountains, guidelines, acoustic traffic lights, trees, surface conditions of footpaths, etc. is available and can be included in applications as points of orientation (POO). Olfactory data such as typical smells (of bakeries) or acoustic data can also contribute to orientation. At present, it is not sufficiently clear to what extent POIs and POOs in navigation systems are of actual benefit to blind people. Elicitation of requirements In cooperation with the Foundation for Accessibility, Access for All (Zurich), and the University of Applied Sciences of Eastern Switzerland (Rapperswil) with expertise in geoinformation systems, the BLUSON project (see info box) will investigate the requirements both for the barrier-free usability of an app for the blind for orientation in cities and for useful and necessary OGD data. A mobile application is to be developed to prove its usefulness, using OGD from the City of Zurich in close cooperation with the Open Data Group of the Office of Statistics. Conversely, in an iterative user-centred approach, requirements for data to be made available that offer added value in the given context are also to be identified. The results of these investigations, if accepted, will enable a lighthouse effect with regard to the opening of data in other cities and municipalities. Even more data through crowd-sourcing The widespread approach of crowd-sourcing even more data as Volunteered Geographic Information (VGI) (cf. 4) is also being evaluated and its integration prepared. However, the advantages of a possibly larger area coverage must be set against considerations of ensuring the coverage rate and data quality (cf. 5), so that areas of differing usability do not arise, as for example in OpenStreetMap. The aim is to ensure quality in the integration of VGI data through workflow processes. Typical CRM functionalities help to homogenise and manage data provided by different data suppliers. Homogenisation through a data platform The use of different data formats in different quality as well as the inclusion of VGI data and the regulation by workflow processes, as described above, suggest an encapsulation of the mechanisms necessary for this. With regard to the reusability of the approach for similar scenarios and applications, a data platform is planned, an AAGDP (Aggregated Accessibility Geo Data Platform), which mediates between the data sources and the application and thus represents a classic abstraction layer. Additional data sources can be added without changing the application, for example for other cities, through programming interfaces (API).
Figure 1 shows that, conversely, the AAGDP also allows other applications to use data without these applications having to worry about details of delivery, quality, etc. Status of the project and outlook Within the framework of a bachelor thesis (cf. 6), possibilities for integrating POO with OGD of the city of Zurich were tested. A web application was developed as a proof of concept, which met with lively interest at several project presentations. For practical use, however, many questions remained unanswered, both about the accessible design of the application and about the considerations mentioned in the article about a supporting data platform. The results of the BLUSON project should make a positive contribution to a politically desired inclusive society. Independent mobility is an essential prerequisite for a self-determined life and better quality of life, especially for people with disabilities. The results also serve to improve social interaction and thus harbour an added public value. The system architecture is not specifically designed for the application scenario described in this paper. Therefore, the project results can also be transferred to applications for other user groups, for example those for wheelchair users or for families looking for family-friendly routes in cities.
BLUSON – a project acronym for “Blind Users’ System for Orientation and Navigation” The project idea was developed with the partner of the completed EU project TAO (thirdageonline.eu), the Foundation Access for All (ZfA) (Zurich), which has design and analysis expertise in the field of accessibility. Prof. Stefan Keller from the Geometa Lab at the HSR University of Applied Sciences Rapperswil was found as an implementation partner. Based on its experience with blind and visually impaired people, ZfA has identified their need for improved orientation and navigation in cities as a priority. Under the direction of the E-Government Institute, a solid methodology for requirements elicitation is being developed for this project. A project application has been submitted to the Hasler Foundation for further funding.
- Vickery G./Wusch-Vincent S.: OECD Report on Public Sector Information. 2006. http://www.oecd.org/internet/ieconomy/36481524.pdf. Accessed : 16 April 2014.
- https://itunes.apple.com/ch/app/myway-lite/id494516234?mt=8 (SBV, Swiss Federation of the Blind and Visually Impaired).
- Goodchild, M.F./Li, L.: Assuring the Quality of Volunteered Geographic Information. In: Spatial Statistics 1 (2012). PP. 11-120. http://www.sciencedirect.com/science/article/pii/S2211675312000097?np=y. Accessed : 16 April 2014.
- Neis, P./Zielstra, D./Zipf, A.: Comparison of Volunteered Geographic Information Data Contributions and Community Development for Selected World Regions. In: Future Internet 2013, pp. 282-300. http://www.mdpi.com/1999-5903/5/2/282. Accessed : 16 April 2014.
- Rothauser, G./Schmucki, J.: Accessible Map App; Bachelor Thesis, HSR Hochschule Rapperswil, Geometa Lab/IFS, December 2013.
People entitled to vote cast their ballots online, courts and lawyers exchange case files electronically, and citizens have access to their patient dossier anytime and anywhere. As a traditional transmitter of confidential information, Swiss Post is working to implement this future with modern and secure solutions. In the areas of e-health, e-voting and perhaps soon also e-justice, it is making its contribution to Switzerland’s future infrastructure. Swiss Post has been transmitting sensitive documents such as voting documents, medical reports and court decisions for many years. It does so reliably, securely and in absolute confidence within the framework of postal secrecy. Based on social and technical progress, the legislator wants to advance e-government: In future, authorised users should be able to access medical and legal documents regardless of time and place, and those entitled to vote should be able to vote and elect via the Internet. Swiss Post also wants to assume its reliable intermediary function in e-government. To this end, it is currently developing solutions in various areas, always close to its core business – the secure and reliable transport of confidential information. E-Health The federal government’s eHealth Switzerland strategy wants all Swiss residents to have an electronic patient dossier at their disposal. Everyone can view their dossier at any time and from any location and grant selected health actors access to their medical data. An electronic patient dossier is thus not only practical, but also increases the patient’s self-determination. In addition, it improves the quality of treatment through the availability of relevant health data and ensures greater cost efficiency in the healthcare system. With the new Federal Electronic Patient Dossier Act (EPDG), uniform framework conditions for the introduction of the electronic patient dossier were established throughout Switzerland. The Confederation defines technical and procedural requirements that enable a standardised and secure exchange of health data. National and international standards ensure that data can also be exchanged between e-health platforms of different providers in a completely transparent manner, provided that the patient authorises this. Parliament passed the EPDG practically unanimously in the 2015 summer session. It is expected to come into force in 2017. As part of a pilot project, Swiss Post, together with the canton of Geneva, developed an electronic patient dossier back in 2011 that meets the requirements of the Confederation. It is based on the e-health solution vivates and is currently in operation in the canton of Geneva under the name MonDossierMedical. The solution covers the requirements of the eHealth Switzerland strategy, but its scope of services clearly goes beyond the electronic patient dossier. A total of five optional modules are available to medical service providers. By using them, they can increase their efficiency, save costs and improve the quality of treatment.
- Hospital referral: This allows doctors to refer their patients directly to the hospital using their practice software, via the Internet portal or, as before, by fax, letter or e-mail. The hospital receives all referrals digitised on a platform and can forward them internally quickly and securely to the departments involved. This can save several dozen francs per referral.
- Treatment plan: People who are dependent on prolonged treatment due to illness – whether for care, rehabilitation or regular check-ups with various specialists – can access all the information they need on the platform. The same applies to the treating specialists.
- Medication: For chronically ill people, medication is often complex and must be strictly adhered to. With an electronic medication plan, all professionals can view a patient’s existing medications – if the patient has authorised them to do so – and thus prevent unwanted interactions or duplicate prescriptions.
- Report transfer: Medical reports are sent in encrypted form to one or more recipients. These can view the data or automatically load it into the existing information system. In this way, structured and unstructured patient data can be transferred from system to system in a highly automated way.
- Patient dossier according to EPDG: Essentially, the patient dossier covers the entirety of the other modules by connecting all elements and granting the patient access to the decentrally available data.
E-health is about more than just making software available. Different organisations, institutions and citizens must be identified, connected to e-health platforms and networked with each other in a market-neutral way. It is a matter of connecting the physical world with the digital world. With its solution, Swiss Post already meets the applicable requirements. Politically and in the market, it is active and well networked, but it always takes a neutral stance in the healthcare sector. In addition to a growing core team that develops the e-health solution internally and supports customers and projects, various partner companies and in-house departments such as Group IT are also working in the background. The solution developed by Swiss Post has proven itself in practice: several hundred users register for the Geneva MonDossierMedical every month. In the canton of Vaud, Swiss Post operates vivates, the communication platform between hospitals, the network of doctors and the Centre Hospitalier Universitaire Vaudois (CHUV). In Ticino, the patient dossier for cancer patients runs reTIsan via vivates, and in Aargau, referral management between doctors in private practice and the cantonal hospitals of Aarau and Baden. Swiss Post thus already has productive medical platforms in use in several cantons and in three language regions of Switzerland, which are based on individual or several modules of the vivates solution. Due to the high sensitivity of personal medical data, the requirements for security and confidentiality in the healthcare sector are particularly high. By law, access to health data requires a strong authentication tool for both patients and medical professionals. SuisseID, which was co-founded and co-operates with Swiss Post, is one of several possible instruments. Information security and data protection have the highest priority at vivates, even beyond authentication. All data is transmitted exclusively in encrypted form. Swiss Post operates highly secure IT, communications and logistics infrastructures throughout Switzerland and therefore has the necessary competencies to transport data worthy of protection in the trust of the various actors. These competencies benefit all eGovernment solutions from Swiss Post. E-Justice E-justice encompasses the exchange of case files, court orders and pronouncements of judgement. In its response to the motion by Councillor of States Pirmin Bischof in 2013, the Federal Council welcomed uniform requirements throughout Switzerland. In connection with the revision of the Federal Act on Electronic Signatures (ZertES; SR 943.03), the Federal Council issued various mandates for the preparation of a legislative package to promote electronic commerce. Some of these legal bases are still being drafted. Electronic file inspection should allow authorised actors outside the court – for example lawyers and insurance companies – to inspect legal case documents quickly and without complications. In its catalogue of requirements, electronic legal transactions thus have numerous parallels to the electronic patient file in the health sector. Swiss Post therefore wants to provide its own e-justice solution, which is technically based on the e-health solution vivates and adopts its security features. The project is currently still in an early development phase and will only be offered on the market at a later date. E-voting For many decades, Swiss Post has been delivering voting and election documents to voters around 20 million times a year. Since the early 1990s, it has taken over the transport of postal votes. It is therefore predestined to provide the corresponding services electronically in e-voting.
The implementation of e-voting is basically a matter for the cantons. But here, too, the Confederation ensures uniform specifications. On 13 December 2013, the Federal Council revised the provisions for conducting trials of e-voting. The Ordinance on Political Rights (VPR, SR 161.11) entered into force on 15 January 2014. The new legal foundations define the conditions for the expansion of the electronic voting channel. In particular, the security requirements for the technical solutions with regard to verifiability and auditing were increased. Swiss Post has been evaluating business models for electronic voting since 2012 and is currently developing its own e-voting platform together with a Spanish technology partner. Due to the very high requirements in the area of security and encryption, Swiss Post has chosen a partner that has been a global leader in e-voting for 15 years with its core competence in cryptography. It owns joint intellectual property rights from the joint further development of the solution. The Swiss election and voting system and the demands that the software must meet cannot be covered by a standard product. Swiss Post’s e-voting solution is therefore rather software developed specifically for the Swiss market with an internationally proven technology base, which above all provides the required security features. Two important points are at stake here: Election manipulation must be prevented and the secrecy of the ballot and voting must be guaranteed at all stages of the process. On 31 August 2015, the cantonal government of Neuchâtel decided to rely on the Swiss Post solution in future – and thus on a fully developed second-generation solution. The decision is logical, as Neuchâtel works with the same technology partner for its previous pilot platform and corresponding synergies result. In parallel, Swiss Post is seeking dialogue with other cantonal authorities in order to clarify interests and requirements and to establish additional partnerships. The electronic transformation of the core business With its commitment to eGovernment, Swiss Post does not want to move away from its core business, but rather to transform it into the future. For many years, it has been an established intermediary for information that is so sensitive that the Confederation and customers insist on high security standards. Every year, Swiss Post transports millions of ballots as well as medical and court records to the satisfaction of the stakeholders involved. A satisfaction it does not want to rest on. New technological possibilities and social change are constantly changing the needs of customers. The demand for digital services is increasing accordingly. Swiss Post wants to continue to meet the needs of its customers in the near and distant future. It has therefore initiated numerous projects to offer its services in both the physical and digital worlds in the future. What its delivery staff delivers to the door or collects from the customer today, Swiss Post will also transport over the Internet with the same care in the future. It is foreseeable that both worlds will continue to exist in parallel for several decades. That is why Swiss Post is consistently expanding the physical-digital interface in particular. The classic physical and the new digital offers do not exist in isolation from each other, but are meaningfully interlinked as a holistic system: If the need arises, Swiss Post digitises physical documents in its data centres or produces on-demand printed matter from electronic data. With its physical-digital solutions, Swiss Post makes the transition to the age of electronic information exchange easier for the Swiss population. In addition, it reduces costs and simplifies processes with an efficient and secure flow of information between all actors in the public sector. A corresponding declaration of intent can also be found in Swiss Post’s vision: “We are making a significant contribution to a modern infrastructure in Switzerland” The e-government solutions currently being developed are an important part of this modern infrastructure. However, Swiss Post is not breaking new ground in e-government. With Swiss Post Solutions, it is one of the world’s leading providers in the area of document management. And it has a great deal of know-how in secure digital transmission – for example with products such as the secure e-mail IncaMail and SuisseID, the Swiss standard for secure identification and digital signatures. This means that it already has the technical means and the necessary trust to successfully offer services in eGovernment. In terms of its role in eGovernment, Swiss Post can best be compared with Swisscom, which is also developing corresponding solutions. The fact that competition is emerging in eGovernment – in some areas also between Swisscom and Swiss Post – is desired by the legislator. Alternatives would be for the Confederation to develop the solutions within the administration itself or to concession them to a single provider and bear the costs itself. The chosen competition under strict federal guidelines, however, not only ensures innovative solutions, but also time and again cooperation between the companies. This results in customer-friendly products that are ultimately affordable. Swiss Post is convinced that its products will survive in this competition.