Introduction
The purpose of this article is to examine the feasibility of digital signature technology to guarantee the legal validation of electronic dental records.
Methods
The possible uses of digital signature technology, the actual use of digital signature technology to authenticate electronic dental records, the authentication of each part of the electronic dental record, the general legal principles involved, how to digitally sign electronic dental record files, and the limitations of this method are discussed.
Results and Conclusions
It is possible to obtain electronic dental records that carry the same legal certainty as conventional, nonelectronic records. For this purpose, each part of the electronic dental records should be digitally signed by the author of the document.
Orthodontics is a dental specialty that deals with many technologic resources. Two-dimensional and 3-dimensional digital photographs, 3-dimensional digital dental casts, digital radiographs, computed tomography, 3-dimensional cephalometry, and magnetic resonance imaging permit accurate diagnosis, planning, and treatment-result analysis. Furthermore, with scanners and digital cameras, we can digitize conventional, nonelectronic records and turn them into electronic records.
Replacing conventional dental records with electronic records saves office space, facilitates access to patients’ medical and dental histories, integrates health care information, and helps to improve the quality of all health treatment. Simmons showed how electronic health and dental records will be part of American health professionals’ and patients’ routines within a few years.
However, the transition from conventional to digital must be managed carefully. Any digital file, including an electronic dental record, can be forged, raising doubts about its authenticity. Madhan and Gayathri demonstrated that digital photographs and radiographs can be manipulated, simulating clinical results that do not exist in the real world and forging images of patients’ records that seem to be real. Frequently, tampering is so well conducted that only a specialist can detect it.
Because of the difficulty in demonstrating that electronic records represent something that really exists, their legal validity (ie, their integrity and authenticity) can be questioned in a judicial or an administrative lawsuit.
To guarantee the authenticity of digital medical images, Smith proposed the use of “digital signature technology.” Subsequently, Kobayashi and Furuie presented an algorithm to achieve viable integrity, authenticity, and verification on digital imaging and communications in medicine (Digital Imaging and Communications in Medicine) medical images, also using digital signatures.
The United States, Brazil, and the European Union regulate the use of digital signature technology, because electronic contracts are becoming common.
Surprisingly, although the system of digitally signing electronic health records was suggested in the United States, Brazil, Germany, Greece, and Taiwan, this subject is still largely unexplored for electronic dental records. We searched the PubMed database using the terms electronic dental records and digital signature , and found no articles.
The aim of this study was to examine the feasibility of digital signature technology to guarantee the legal validation of electronic dental records in a global perspective.
Possible uses of digital signature technology
Digital signature means a mathematically generated mark using asymmetric key cryptography techniques that is unique to both the signatory and the information signed. For its implementation, a digital certificate (an electronic document that binds a person’s identity to his or her digital signature), a digital signature infrastructure (software, hardware, personnel resources, and the required procedures to effectively use digital certificates and digital signatures), and certification authorities (issuers of digital certificates) are needed.
Legal process and the actual use of digital signature technology to authenticate electronic dental records
In Brazil, for example, the Brazilian Public Keys Infrastructure (ICP-Brasil) was created by a Provisional Executive Order in 2001. In 2006, the ICP-Brasil permitted the computerization of judicial processes, according to law number 11419/2006, in which only digital documents are used. In 2007, the Brazilian Federal Board of Medicine approved the technical standards of medical records digitizing and permitted the elimination of conventional records if ICP-Brasil digital certificates to digitally sign the files were used.
Documents are admissible in court as long as they are relevant. A relevant document is one that tends to make a material fact more or less likely than it would have been without the document. If a dentist or a physician is a defendant in a liability lawsuit, the patient’s health records are relevant documents.
In law, the relevant documents are referred to as evidence. In the United States, federal courts adhere to the Federal Rules of Evidence, which determine what type of evidence is admissible and in what situations. State courts have adopted their own rules, but most mirror the federal laws. According to these rules, to be admissible as a piece of evidence in court, a document must be authentic.
The problem with electronically stored information, such as an electronic dental record, is the ease with which it can be tampered with or even fabricated completely. In some court cases, electronic data were not allowed to be admitted into evidence because they could not be adequately authenticated, even without clear-cut proof that the items were not authentic.
Digitally signing important electronic documents is one recommended security measure to establish their authenticity.
Legal process and the actual use of digital signature technology to authenticate electronic dental records
In Brazil, for example, the Brazilian Public Keys Infrastructure (ICP-Brasil) was created by a Provisional Executive Order in 2001. In 2006, the ICP-Brasil permitted the computerization of judicial processes, according to law number 11419/2006, in which only digital documents are used. In 2007, the Brazilian Federal Board of Medicine approved the technical standards of medical records digitizing and permitted the elimination of conventional records if ICP-Brasil digital certificates to digitally sign the files were used.
Documents are admissible in court as long as they are relevant. A relevant document is one that tends to make a material fact more or less likely than it would have been without the document. If a dentist or a physician is a defendant in a liability lawsuit, the patient’s health records are relevant documents.
In law, the relevant documents are referred to as evidence. In the United States, federal courts adhere to the Federal Rules of Evidence, which determine what type of evidence is admissible and in what situations. State courts have adopted their own rules, but most mirror the federal laws. According to these rules, to be admissible as a piece of evidence in court, a document must be authentic.
The problem with electronically stored information, such as an electronic dental record, is the ease with which it can be tampered with or even fabricated completely. In some court cases, electronic data were not allowed to be admitted into evidence because they could not be adequately authenticated, even without clear-cut proof that the items were not authentic.
Digitally signing important electronic documents is one recommended security measure to establish their authenticity.
Authentication of each part of the electronic dental record
Dental records include documents that are produced by the treating dentist (eg, the treatment progress form), the radiographic laboratory (eg, the computed tomography files), and the patient (eg, the signed informed consent form).
The purposes of authentication are to show authorship and to assign responsibility for an act, event, condition, opinion, or diagnosis. So, if each part of the electronic dental record is digitally signed by its author, all of the electronic dental records are considered to be authentic.
General legal principles
The efficiency of the digital signature technology to legally validate electronic dental records can be questioned, because manipulated digital files can be digitally signed after forgery.
To elucidate this matter, it is important to understand that certain values comprise a common foundation among western legal systems, and these values are expressed by the general principles of law. Two of these principles must be analyzed in the case of digital signatures of electronic dental records: the good-faith principle and the burden-of-proof principle.
Good-faith principle
The good-faith principle means that the parties in a transaction must deal honestly and fairly with each other, represent their motives and purposes truthfully, and refrain from taking unfair advantage that might result from a literal and unintended interpretation of the agreement between them.
So, respecting the good-faith principle, it is assumed that health care professionals and patients are honest, and there is no reason for digitally signing health records that do not correspond to reality.
Actually, it is the same reasoning that is applied to conventional nonelectronic records. Because of the good-faith principle, when complementary examinations are made by a radiology laboratory, the health care professional considers them to be authentic without asking for proof.
It means that the digital signature technology does not guarantee absolute authenticity of electronic health and dental records. In fact, digital signature technology guarantees to the electronic records the same legal validity as the conventional nonelectronic ones.