Introducing a Smart Card-based national healthcare system in Algeria
Every healthcare system is unique. But the basic need remains the same across all countries - to secure the health of citizens in the most efficient manner.
With a population of 33 million, Algeria has seen its economy grow fast over the past ten years. Within this booming environment, 80 % of the population benefit directly or indirectly from the protection offered from the CNAS (Caisse Nationale des Assurances Sociales des Travailleurs Salariés). Therefore, the government has developed a nationwide initiative to improve the healthcare service provided (timescale and quality) while reducing operation costs and application fraud.
The existing system cascades down from a centralized administration, the Ministre du Travail et de la Sécurité Sociale (Works and Social Security). Within this structure sits the CNAS, which is then linked to autonomous organizations starting with five Conseils Regionaux de la Santé (CRS) and five Observatoires Régionaux de la Santé (ORS). There is one DSP (Direction de la Santé et de la Population) for each Wilaya, of which there are 48, and then a further 185 care centers across the country.
This dispersal of the existing healthcare system, with its various departments & actors (Hospitals, pharmacies, patients, health insurance organization, etc) requires a strong interaction, a strong need for coordination and, above all, communication. The existing system relied mainly on the use of paper, which made it difficult to manage, trace, and it was very slow.
Creation of a National Healthcare System
During 2005, the CNAS made the decision to implement a nationwide healthcare system based on a strong IT infrastructure. The basic aim was to upgrade the system from manual to electronic in order to provide better health services to their citizens. This new infrastructure fell under the guiding scope of the CNAS.
Increasing the overall security of the system was the key driver in this decision. However, dematerialization was also an important factor as it will facilitate claim processing, automate prescriptions and create a compensation system between health professionals, Insurance companies and Algerian citizens.
At the same time, the system needed to cover both the administrative and care sides of healthcare, including objectives, functionality, conditions for success, limitations, cost, and security.
This system itself is a central repository for information, which is gathered, stored, treated, and shared in order to ease management of health services, including evaluation of cases and planning.
This repository provides a powerful tool in which the CNAS, health professionals, and patients can benefit from a greater visibility of the service, health needs across the population, and it provides useful indicators for use.
The wider advantages of this system range from the simple creation of the software environment, to the implementation of a communications architecture between the different hierarchies of the healthcare system. Information stored can be communicated in real time to care givers, managers, the state and others deemed appropriate in order to take timely and relevant decisions and manage expenses, whether on local, regional or national level.
It also enables a thorough analysis which enables, as an example, adjusting the number of healthcare professionals (doctors, pharmacies, care centers, etc) to a given population in a given place.
Introducing a card based healthcare project is part of a series of social security reforms designed to update the entire Algerian information system.
The system, operating on three main levels (Operational, Management and Strategic), needed to take into account certain functions:
- Firstly, it had to be sufficiently open, by which it was meant that each authorized user was able to consult the data they needed. Also, different establishments were able to exchange information as necessary.
- It had to be easy to use. Knowing that not everyone is an IT guru, the system was adapted for those with even the most basic knowledge. This also extended to the user interface, which needed to be coherent within the different operating levels.
- It had to be future-proof and modular, so that new functions could be added over time.
- Above all, the system had to be reliable to get the maximum use, visibility and reaction time across the board.
Why use a smart card?
Any healthcare system that manages a budget of millions of euros understands the need for better control. Smart cards are the best proven technology to meet these needs as they are cost effective and easy-to-use.
Unlike paper documents, smart cards cannot be easily forged. They benefit from the inherent high levels of security used in other applications, such as banking, telecom and identity. The same security mechanisms as in the banking sector, with strong offline and/or online verification (PIN or biometric) limit the unlawful use of lost or stolen cards to gain access to healthcare.
Dematerialization of the medical prescription from paper to electronic format, stored within the card, helps organizations reduce costs and increase efficiency.
Smart card solutions enable the preauthorization of the health transaction by storing the validity of the patient ’s rights.
The card body itself becomes a secure tool by adding the user ’s picture and extra security features, such as a guilloche, rainbows, hidden words, etc.– all of which have been previously developed for banknote and ID applications and can be easily re-used in e-healthcare systems.
The solution selected by the CNAS
A grand total of 7 million smart cards were ordered, designed to identify each insured party, and their dependants. Validating each patient ’s rights at the moment of use gives the CNAS the ability to better control fraud and the consumption of health products. Finally, the card secures ePrescriptions with the signature of each patient.
The CNAS selected an off-line system for patient authentication and an on-line system for the authentication of health professionals. This allows for a decentralized healthcare electronic application while providing a centralized collection of data between health professionals and the CNAS organization, based on three main elements:
1. Card issuance:
With a life expectancy of five years, the card needed to be updatable and with adequate space to add functionality as required. Security features included 3DES cryptographic.
Every patient smart card is personalized using industrial centralized personalization software and then sent by mail to the patient. The card features a color picture for improved face-to-face authentication.
2. Card acceptance:
The reader is used to read the data stored in the patient smart card. A PIN code, entered by the patient, authenticate that they are who they say they are. The reader features an integrated PIN pad for convenience and security.
Smart USB keys for health professionals:
Not to be confused with the card sent to the patient, health professionals were given their smart cards embedded into a USB token. Based on Public Key Infrastructure, this offers strong authentication of the user onto the national Healthcare IT system and manages the level of access that each health professional benefits from. This will enable them to centralize all the claims issued during the working day professional and allow them to electronically sign prescriptions.
3. Application & Security:
The application is PC-based which allows for fast deployment and easy-to-use software. The application will manage the claim and prescription functionality and is designed to support future evolutions.
In order to securely exchange data on the national Healthcare IT Trust center, a global security architecture will be put in place and a third party trust center (Certification Authority) created and managed by the CNAS.
The project will be rolled out in three phases:
Phase 1, lasting nine months, is for the specification, design and implementation of the entire system.
Phase 2 is the pilot phase of the solution in 5 Wilayas, from card manufacturing and personalization, to the installation at a healthcare professional such as a pharmacy, and all other aspects related to the security of the project or other services.
Phase 3 is the deployment itself. The system will be deployed nationwide and achieved by the end of 2008.
- Creation of a robust base for better healthcare to the Algerian citizen
- Better operational cost and efficiency
- Reduction of fraud
This project confirms the worldwide trend of social security reform and the creation of national healthcare IT infrastructure to provide better services to the citizen and to better manage the “human assets ” of a given country.
Gemalto is the prime contractor for the entire system in Algeria, from card issuance, card acceptance, security and application, and system integration.
Gemalto (Euronext NL 0000400653 GTO) is a leader in digital security with pro forma 2005 annual revenues of $ 2.2 billion, operations in 120 countries and 11, 000 employees including 1, 500 R&D engineers. The company ’s solutions make personal digital interactions secure and easy in a world where everything of value -from money to entertainment to identities-is increasingly represented as bits and bytes communicated over networks.
Gemalto thrives on creating and deploying secure platforms, portable and secure forms of software in highly personal objects like smart cards, SIMs, e-passports, readers and tokens. More than a billion people worldwide use the company ’s products and services for telecommunications, banking, e-government, identity management, multimedia content, digital rights management, IT security and other applications. Gemalto was formed in June 2006 by the combination of Axalto and Gemplus International S.A.
Head of Health Care Marketing
Avenue du Jujubier
Z.I. Athelia IV
13705 La Ciotat Cedex
Tel.: +33 /4 42 36 -44 46
Mobile: +33 /6 08 97 19 28
For more information please visit
Ein Herunterladen des Dokuments ist ausschließlich zum persönlichen Gebrauch erlaubt. Jede Art der Weiterverbreitung oder Weiterverarbeitung ist untersagt.