D2D protocol: update July 2020
Applied to the healthcare access scenario, the Device-to-device (D2D) protocol provides the citizen the ability to retrieve data stored in the National EHR, store data locally on a Smart EHR (S-EHR), exchange health data where no internet connection is available and travel all over the European Union with her medical data.
Progress on the D2D protocol until June 2020 includes the following sequenced exchanges of information since Bluetooth connection is initiatied through a QR code:
- Citizens can send demographic details and the patient summary to health care providers who can visualise through the HCP app.
- Health care providers can send healthcare organisation details, evaluation and prescription data to citizens who can visualise through the S-EHR app.
- Temporary consent is requested by health care professionals and accepted by citizens through the S-EHR app.
Health data exchange is terminated by a connection closure message sent by the citizen switching off the Bluetooth connection.
The security implementation includes five different phases:
- Bootstrap: S-EHR app and HCP app acquire all the necessary credentials.
- Identity/Demographic Data Exchange: Certificate exchange over Bluetooth and signature verification.
- Consent exchange: Signature verification and consent storage.
- Key establishment: Symmetric key establishment for application level encryption.
- Encrypted Communication: Encrypted data exchange between S-EHR and HCP app.
Therefore, in 2020, progress and novelties of the D2D protocol and security implementation comprise:
- Full integration with the Security Protocol: certificate exchange, signature verification and consent storage.
- Exchange of citizens’ lab results and prescription and health care professionals’ prescriptions throughout bundle HL7 FHIR Resources.
- Health care professional compliance checking to InteropEHRate profile for prescriptions and to IPS profile for patient summary upon receival of data from the S-EHR app, closing the connection when receiving a non-compliant dataset.
- Integration of D2D libraries with the HCP and S-EHR apps.
- D2D supports Android and Apple devices.