Today the IHE ITI Technical and Planning committees approved the Document Digital Signature (DSG) Profile be moved into Final Text. This Document Profile defines a way to support Digital Signatures, including when those Documents are managed in a Document Sharing infrastructure. This DSG Profile is referenced in many places where adding a Digital Signature to a document would be beneficial, such as Consent, Legal Evidence, etc.
DSG supports:
There is more interest in digital signatures driven by some Anti-Fraud use-cases. I think there will be more interest driven by Patient Authored content.
The main problem with Digital Signatures is NOT the standards, it is the Policies and overhead in issuing proper Digital Identity (PKI). Once there are Digital Certificates issued for the purpose of Digital Signatures, then there are many use-cases that can be enabled. However that first justification of the costs is very hard to do, and somehow combining justifications just never seems to happen.
The Document Digital Signature (DSG) profile is a Document Content profile that provides general purpose methods of digitally signing of documents for communication and persistence. This method can be used within a Document Sharing infrastructure (e.g., XDS, XCA, XDM, XDR, and MHD).
Electronic documents are being increasingly relied upon in healthcare. Signatures have been a part of the electronic documentation process in health care and have traditionally been indicators of accountability. Reliable exchange of data between disparate systems requires a standard that implements non-repudiation to prevent document creators from denying authorship and rejecting responsibility.
The main problem with Digital Signatures is NOT the standards, it is the Policies and overhead in issuing proper Digital Identity (PKI). Once there are Digital Certificates issued for the purpose of Digital Signatures, then there are many use-cases that can be enabled. However that first justification of the costs is very hard to do, and somehow combining justifications just never seems to happen.
The Document Digital Signature (DSG) profile is a Document Content profile that provides general purpose methods of digitally signing of documents for communication and persistence. This method can be used within a Document Sharing infrastructure (e.g., XDS, XCA, XDM, XDR, and MHD).
Electronic documents are being increasingly relied upon in healthcare. Signatures have been a part of the electronic documentation process in health care and have traditionally been indicators of accountability. Reliable exchange of data between disparate systems requires a standard that implements non-repudiation to prevent document creators from denying authorship and rejecting responsibility.
DSG supports:
- An Enveloping Signature is a Digital Signature Document that contains both the signature block and the content that is signed. Access to the contained content is through removing the Enveloping - Digital Signature. Among other uses, this method should not be used with Document Sharing infrastructure.
- A Detached Signature is a Digital Signature Document that contains a manifest that points at independently managed content. Detached signatures leave the signed document or documents in the original form. Among other uses, this method is recommended for use with a Document Sharing infrastructure to support Digital Signatures, as this method does not modify the original Document Content. This method uses the Document Sharing “SIGNS” relationship provide linkage.
- A SubmissionSet Signature is a Detached Signature Document that attests to the content in a SubmissionSet by: containing a manifest of all the other Documents included in the SubmissionSet, and a reference to the SubmissionSet. The Document Sharing “SIGNS” relationship may be used but is not required.
The digital signature standard is XML-Signature using XAdES-L-T profile, which brings inside the certificate and a timestamp; and we utilize the CommitmentTypeIndication for Purpose Of Signature. Thus we just bind in a vocabulary specific to Healthcare needs.
We did not include the new CDA digital signature. This is not because it isn't useful or interesting, but more because that would have been a very different technology. Those that want this profiled by IHE, should bring a New Work Item Proposal to profile it.
Other Digital Signature Blog Posts
- IHE - Privacy and Security Profiles - Document Digital Signature
- Signing CDA Documents
- Using both Document Encryption and Document Signature
- Non-Repudiation is a very old art --- the story behind the picture which is of a signature on a receipt for goods.
 
This comment has been removed by a blog administrator.
ReplyDeletefound great information. In my opinion, digital signatures are widely used now a days because they uses embedded fingerprints. That's why digital signatures are more efficient than e-signatures.
ReplyDeleteDownload Digital Signature Certificate Application Form to Apply Capricorn DSC as Class 2 & Class 3 Individual Certificate.
ReplyDeleteWow, that is great post. Your content is very helpful for me. I am glad to see your post here. Thank you so much for sharing with us.
ReplyDeleteThis blog post really help me to understand so many things and it's full of information. We provide Digital Signature Software
ReplyDeleteThis post does a great job of highlighting how the IHE Document Digital Signature (DSG) Profile plays a crucial role in ensuring authenticity, integrity, and non-repudiation in healthcare document exchange. The focus on structured document content and the importance of adhering to standards like XMLDsig and CDA reinforces how foundational these protocols are for trusted healthcare interoperability.
ReplyDeleteAt zonemedia360 .com,https://izone-media360.com/ we’ve seen a growing interest among healthcare organizations in implementing secure content management and digital trust workflows—not just to meet regulatory requirements, but also to foster patient confidence. The DSG profile seems like a key building block for that kind of infrastructure.
One thing I’m curious about: how well does this profile integrate with existing EHR systems that were not originally built with signature validation in mind? Are there middleware solutions commonly used to bridge that gap?
Jackleen, Thanks for this question. The design of DSG, when used with Document Sharing, would make the digital signature transparent to any recipient system that does not want the signature. This is because the signature object is published as a Document, with a SIGNS relationship to the document that it signs. Thus those recipients that want to validate the signature can navigate to the signature and validate it, but those that don't want to or can't will just find the document.
DeleteHave you seen that DSG now has a json signature option?