What are encryption and anonymization (Trusted Third Parties) of the eHealth platform?

These tools allow to hide the identity of a person or the medical data related to a person behind a code, in order to protect the privacy of this person and comply with medical confidentiality. The encryption is done through a synchronous Web service, while the TTP anonymization is done asynchronously through a batch complementary to the eHealthBox.

What are the functionalities of encryption and TTP anonymization?

Encoding

Web service encoding (WS Seals) provides the following functionalities:

• 'Encode': this method allows data to be entered as input and then returned in encrypted form. There are several algorithms available with which the encoding can be performed
• 'Decode': this method allows encoded data to be entered as input, after which the unencoded data is returned

TTP anonymization

The TTP anonymization, also called "batch TTP encoding," allows an institution or healthcare provider that has medical data to send its data in an anonymous form to a known recipient, i.e., the information that allows to identify the person concerned (to whom the medical data refers) is encoded. The anonymization is also done at the level of the sender of the message so that the recipient does not know from whom the medical data he has received comes and it is not possible to deduce from it to whom the data relates.

The TTP also allows the addressee to enrich the medical data received and send it back to the original sender (without knowing the identity of the sender). In this case, the data are de-anonymized so that the original sender can learn about all the information.

Specifically, messages are sent and received through the eHealthBox, while the batch TTP Encoding processes these messages in order to anonymize/deanonymize them and send them to the appropriate institution or person. Once the message is processed and delivered, the sender receives a receipt so they know the message was received, or they receive a notification with the reason why it could not be processed. A message is processed and forwarded to the final recipient within 2 hours of transmission.

In practice

What are the conditions for integrating the coding and TTP service of the eHealth platform ?

• Contact the responsible project leader within the eHealth platform

Wolf.Wauters@ehealth.fgov.be ( wcag.label.externalLink)

and clearly describe the context and purpose of your project

• In the context of using the batch TTP encoding, three elements are required:

o Agreement of the Sectoral Committee:

Preparation of an authorization request for the use of batch encoding and submission to the Sectoral Committee. You can find the list of the different Sectoral Committees as well as useful information about the authorization request through the following link (wcag.label.file wcag.label.externalLink)

For further questions about the application, please contact TTP@ehealth.fgov.be

o Electronic signature of the document TTP_GlobalDoc

when approved by the Sectoral Committee, a document "TTP_GlobalDoc" should be prepared by the eHealth Platform's TTP Service team (contact: TTP@ehealth.fgov.be ( wcag.label.externalLink) ). This document summarizes the procedure of medical data exchange (senders, recipients, details of transmission, etc.) in accordance with the deliberation of the Sectoral Committee. This document should be signed electronically by all parties involved in the project

after the signing of this document, the eHealth Platform's TTP Service team will provide senders with the necessary information regarding the use of the batch TTP (e.g. the name of the TTP project to be used in the messages)

o Access to eHealthBox

as already mentioned, the use of the batch TTP encoding presupposes the use of the eHealthBox. This means that senders and recipients must hold an eHealth certificate

• In the context of using the service encryption

o Possess an eHealth certificate to use the web service

o Agreement of the Sectoral Committee in case of using the method "Decode"

Since the method "Decode" allows to decode the data, there must be an authorization from the Sectoral Committee to do so. You can find the list of the different Sectoral Committees as well as useful information about the authorization request through the following link (wcag.label.file wcag.label.externalLink)

Further questions about the application can be addressed by mail to Wolf.Wauters@ehealth.fgov.be