CERV@NTES - SESCAM Public Key Infraestructure

UPDATING OF INFORMATION. TERMINATION OF CERTIFICATION SERVICE PROVIDER: The Health Service of Castilla-La Mancha (SESCAM) has begun the tasks for the termination of certification service provider. This termination is planned to be effective on November 14, 2018, so from that date the current certificates issued by the SESCAM will no longer be valid. Likewise, all electronic signatures made through the use of certificates issued by SESCAM will be invalidated. Only those signatures that, following the concrete electronic signature standards, store at the moment of execution of the signature procedure both the time stamp of the operation and the revocation information of the certificates involved (either in the form of OCSP ticket or copy of the CRL issued at that time).

 
In compliance with Regulation (EU) No. 910/2014 of the European Parliament and article 21 of Law 59/2003 on electronic signature, SESCAM will issue final Revocation Lists (CRL) that will be published in its current location and that will remain of this published form during a period of 15 years.
 
 

Introduction 

 

The SESCAM intended to be a modern organization of public health services, characterized by innovation and overall service quality (medicine, nursing, ancillary services, etc.), the accuracy in the diagnosis and treatment, security, closeness and agility. Their services look forward the comfort of its users, providing personalized attention and ensuring privacy and confidentiality. It must enable social and professional participation, providing attention and appropriate deal to suppliers.

Health Care, the essence of the work of SESCAM is a complex service (diagnosis, prognosis, treatment), which requires well-trained professionals, sufficient resources and adequate organization. Health Care also requires security guarantees in the execution of procedures and actions taken by professionals, such actions must ensure access control to information, confidentiality, integrity and non-repudiation.

The Cerv@ntes project has enabled the implementation of a Public Key Infrastructure, as security support for:

  1. Access control to installations, computer services and / or computing resources that require specific privileges and subsequent audit.
  2. Deployment of electronic signatures as a fundamental tool for improving information security and trust building, since allows a verification of the identity of the origin and the integrity of exchanged information. The use of this type of mechanisms for example when the doctor signs a prescription, a record, a service request assistance, etc., replacing a handwritten signature allows speeding up and automation of processes, producing a saving in material and economic resources.
  3. Guarantee the Information privacy in this sense there are several issues to consider, among which stand out for example: compliance with requirements of the Data Protection Act in the use of encrypted communications, privacy assurance of medical records, etc.
  4. Improved service to citizens requiring it accorded the right to communicate with government by electronic means as established by Law 11/2007 on electronic access of citizens to public services.

Cerv@ntes is the basis upon which the SESCAM acts a Certification Service Provider (CSP) being recognized by the Spanish Ministry of Industry, Tourism and Trade according the law 59/2003 on electronic signature. SESCAM ensures the identity of their public employees and their quality as health professional through the use of certificates, but also provides certification mechanisms to automated services for electronic sealing of documents, electronic seat authentication and the certification of devices such as WEB servers, domain controllers, applications, etc.