You have received information that you will/must use the e-service card to access the register.
GETTING STARTED (PREPARATIONS)
Before using your e-service card for log in to the register, it must be activated/linked to your username for the register. Activation means that your e-service card identification will be linked to your username for the register. Only after this can you use your e-service card for log in to the register. The activation process is always initiated by the register when logging in. You linked your e-service care to your username in the register.
The activation process requires…(see also)
- an e-service card with correct pin code
- current username for the register and password
Clicking the link ”Card log in” on the register's home page starts the activation processes for log in with strong authentication, and the user can link his/her e-identification to their user ID for the register. In the example screenshots below, we are assuming NetID is the software used for processing the e-service card and the register Auricula for screen dumps.
LOGGING IN TO THE REGISTER USING YOUR E-SERVICE CARD (5 STEPS)
1) CARD READER
First, insert your e-service card in the card reader for the computer you will be using to access the register.
2) THE REGISTER
Continue by clicking Card log in.
3) SELECT CERTIFICATE*
You will now get up the option of choosing which certificate to use. Select SITHS CA vX. (X = current version)
*NB!
You do not always get up the option "Select certificate". In these cases, you will get up a window for identification, see point 4 below.
4) ENTER SAFETY CODE/IDENTIFATION
You must now identify yourself by entering your identification code. This is done by entering your PIN code (generally 6 digits) for identification/AUTHENTETICATION.
Next, click "My identification".
You will find your security code in your PIN code envelope from Telia. If you do not have it, you must order a new PIN code for your e-service card.
5) USERNAME AND PASSWORD FOR THE REGISTER
After identification of the e-service card, you must enter your current username and password for authorization for the register. If you do not have these, you must contact the local register responsible.
After entering the correct username and password, your e-service card will be linked to your username for the register and you can access the system. You have now completed strong authentication for the register and you will be able to use your e-ID for log in.
You have been informed that you will/must use an e-service card to access the register. I have/already use an e-service card linked to SITHS…
Click the answer below that best fits the current register situation.
- You are already using an e-service card for authorisation control and log in. You only need to link/activate your user ID to the register.
- I have an e-service card, but do not use it in the company. (See the answer below under No)
1. You do not have an e-service card. In this case, you must get a card by ordering it through your immediate superior or company. (Follow your local routines)
Example of how to get a card…
1.1. After obtaining approval for an e-service card, you must take an ID photo and order the card through your card administrator, generally in the same organization that issues the company's pass card.
1.2 Once you have your photo, the card will be prepared. When that is ready, you will receive a recommended letter with your personal code, called the pin code envelope below. A few days later, you will be able to get your card from the card administrator.
1.3 Generally, you get the card from the same place that your photo is taken. You must take your pin code and some form of identification with you to activate and get the card.
2. I have an e-service card but we do not use it in our operations for authentication.
2.1. You must have a card reader by the work station/computer that you are going to use. It must be able to process your e-service card. If it can not do this, you must order it through your local routines, most probably from your local IT support.
2.2 You must also have access to software that can process your e-service card e.g. NetID. If it can not do this, you must order it through your local routines, most probably from your local IT support.
If this occurs, the problem must be resolved locally on the client computer. The easiest way of doing this is for the user to manually accept the new root certificate. If this is not possible because rights are lacking on the client server, the update must be undertaken by somebody from the local IT Support.
the document Technical description SITHS Root CA on this page on Inera.
In accordance with the National Board of Health and Welfare regulations SOSFS 2008:14 2 Chapter 5, a care provider who uses an open network to handle patient data is responsible not only for ensuring that the management system contains routines which safeguard transfer of patient data in such a manner that unauthorised persons can not access the data, but also for ensuring that access to patient data uses strong authentication.
Many quality registers, called the register below, are currently accessible over open networks which is why strong authentication is necessary for log in. An e-service card is a physical, electronic ID action that can be used for strong authentication of the user's identity. The e-service card contains both a personal ID and a service ID.
An e-service card that is based on SITHS (Secure IT in Health and Care Services) complies with the security standard that is common for all County Councils throughout the country.
Because of this, UCR has elected to implement a security solution based on the e-service card and SITHS for those quality registers that UCR manages. The solution utilises the service ID, i.e. the user's HSA-ID as user authentication.
The service ID contains information on your service identity as an employee in the health and care services and can be used to identify you in various care systems nationally, including the quality register managed by UCR.
The following is a brief description of how the SITHS card and HSA-ID can be used for strong authentication with registers affiliated with the UCR Centre of Expertise.