S.R. CWA 15974:May 2009
Current
The latest, up-to-date edition.
INTEROPERABILITY OF THE ELECTRONIC EUROPEAN HEALTH INSURANCE CARDS (WS/EEHIC)
Hardcopy , PDF
English
01-01-2009
Foreword
0 Introduction
0.1 Background
0.2 Purpose of the specification
0.3 The four different eEHIC card types
0.4 Mandatory and optional data fields
0.5 Actors and expected benefits
0.6 Levels of deployment
0.7 Relationship with existing standards
0.8 Privacy and data transparency
0.9 Guidance for the reader
1 Scope
2 Normative References
3 Definitions, abbreviations, and notations
3.1 Definitions
3.2 Abbreviations
3.3 Notations
4 eEHIC data
4.1 Overview
4.2 Data content
4.2.1 EHIC application data
4.2.2 Extended EHIC application data
4.2.3 Other data
4.3 General data representation
4.3.1 Multilingual character string
4.3.2 Monolingual character string
4.3.3 Date
4.3.4 Gender
4.3.5 Number
4.4 Specific data representation
4.4.1 Name of the card holder
4.4.2 Personal identification number
4.4.3 Date of birth of the card holder
4.4.4 Expiry date of the card
4.4.5 Member State issuing the card
4.4.6 Identity of Competent Institution
4.4.7 Logical identification number of the card
4.4.8 Form identifier
4.4.9 Address
4.4.10 Telephone number
4.4.11 External data pointer
4.4.12 eEHIC data layout
4.5 ASN.1 encoding
4.5.1 Introduction
4.5.2 Type 1 card
4.5.3 Type 2 and 4 Cards
4.5.4 Type 3 card
5 Metadata
5.1 eEHIC metadata rationale
5.2 eEHIC High Level Architecture
5.3 eEHIC Low Level Architecture
5.4 Middleware
5.4.1 eEHIC fitting in ISO/IEC 24727 model
5.4.2 Entity relationships on the application interface
for the eEHIC 'entitlement' service
5.5 Interoperability
5.6 Connection service
5.6.1 General
5.6.2 eEHIC entitlement service implementation
5.7 eEHIC Access Control Lists
5.7.1 General
5.7.2 eEHIC Connection Service-ACL
5.7.3 eEHIC Card-ApplicationService-ACL
5.7.4 eEHIC NamedDataService-ACL
5.7.5 eEHIC CryptographicService-ACL
5.7.6 eEHIC Differential-IdentityService-ACL
5.8 Type 4 cards: ISO/IEC 24727 and CEN/TS 15480-2 non
compliance
5.8.1 Legacy cards without additional personalisation
5.8.2 Legacy cards that are further personalised
5.9 Alternative non-ISO24727 discovery mechanism: Type 1.alt
card
5.10 HCP application general decision tree
6 eEHIC messages
6.1 Use cases
6.2 Monitoring transactions and graceful termination of
incomplete workflows
6.2.1 Rationale
6.2.2 SOAP Transactions
6.3 Generic message format
6.4 Flow type 1: registering of a person and verifying
entitlement/Status
6.4.1 Preconditions
6.4.2 Sequence diagram
6.4.3 Specific data exchanged in flow type 1 messages
6.5 Flow type 2: declaring an event
6.5.1 Preconditions
6.5.2 Sequence diagram
6.5.3 Specific data exchanged in flow type 2 messages
6.6 Flow type 3: requesting a decision
6.6.1 Preconditions
6.6.2 Sequence diagram
6.6.3 Specific data exchanged in flow type 3 messages
6.7 Flow type 4: requesting information
6.7.1 Preconditions
6.7.2 Sequence diagram
6.7.3 Specific data exchanged in flow type 4 messages
6.8 Complete eEHIC service definition
6.8.1 eEHIC Data Set XSD
6.8.2 eEHIC Service WSDL
7 Authentication mechanism for secure home Member State DB access
7.1 Overview of security implementation
7.2 High-level architecture
7.2.1 The discovery mechanism
7.2.2 The entitlement
7.3 Security services
7.3.1 Knowledge-based user verification
7.3.2 Client/Server authentication
7.3.3 SSL generation with smart card
7.3.4 Encryption Key Decipherment
7.3.5 Symmetric Authentication scheme
7.3.6 Device Authentication with privacy protection
7.4 eEHIC computational model
7.4.1 Implementation of ISO/IEC 24727 services
7.4.2 eEHIC named services relationships
7.4.3 eEHIC_ADMIN mapping
7.4.4 eEHIC_HCP mapping
7.4.5 Provision for the Web Service Binding
7.4.6 Coding of eEHIC service attributes (informative)
7.4.7 UML-like Computational Model
8 Annex A: Matrix of mandatory components of an eEHIC system,
depending from the scenario be deployed
9 Annex B: XML Message Description
9.1 Flow type 1: registering of a person and verifying
entitlement/Status
9.1.1 WSDL operation definition
9.1.2 SOAP Request/Response containers
9.2 Flow type 2: declaring an event
9.2.1 WSDL operation definition
9.2.2 SOAP Request/Response containers
9.3 Flow type 3: requesting a decision
9.3.1 WSDL operation definition
9.3.2 SOAP Request/Response containers
9.4 Flow type 4: requesting information
9.4.1 Specific data exchanged in flow type 4 messages
9.4.2 SOAP Request/Response containers
9.5 Complete eEHIC service definition
10 Annex C - White Paper
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.