ENV 13729:2000

Health informatics - Secure user identification - Strong authentication using microprocessor cards

Publication date:   Nov 30, 2007

General information

99.60 Withdrawal effective   Mar 14, 2008


CEN/TC 251 Health informatics

Pre Standard

35.240.15   Identification cards. Chip cards. Biometrics | 35.240.80   IT applications in health care technology



Language in which you want to receive the document.


This European Prestandard defines a method for strong authentication of the identity of a user of a health information system where the user is equipped with a microprocessor card. By system is meant primarily a general purpose computer system with hardware ranging from a personal computer (PC) to a mainframe. Dedicated embedded systems with special operating systems are not considered, nor is
access control to data on a smart card such as a patient data card. However this European Prestandard does not preclude the addition of this functionality to a user card. The main focus of consideration is on users who are the healthcare persons, registered professionals
and other staff using health information. In situations when patients are allowed to use healthcare information systems directly to access their personal data, and secure user identification is needed, this European Prestandard may also be used. This European Prestandard defines a cryptographic authentication procedure using microprocessor cards with digital signature capabilities. This procedure is designed to be usable both within a local system and by a remote system across an unprotected network. This European Prestandard specifies the cryptographic algorithm to be employed and which must be available in the microprocessor card as well as in any authenticating system, remote or local, in the implementation of the defined strong authentication method. This European Prestandard defines the minimum set of physical, electrical and protocol standards that microprocessor cards shall support in order to conform to this standard; it does not define the internal structure of systems that support the use of these cards. This ENV identifies a number of IETF standards that support remote authentication in a way that is compatible with the use of this standard. The method for strong authentication defined in this European Prestandard requires Certification services...(Truncated)

Life cycle


ENV 13729:2000
99.60 Withdrawal effective
Mar 14, 2008