Healthcare Smart Card
ApplicationA patient identity card containing health insurance credentials, medical record references, and emergency data on a chip, enabling secure access to health services and offline data retrieval.
What Is a Healthcare Smart Card?
A healthcare smart cardhealthcare smart cardApplicationSmart card for patient identity and health insurance data.Click to view → is a chip-based patient identity card that stores health insurance credentials, medical record references, emergency medical data, and access tokens for electronic health record (EHR) systems. The card's secure element protects sensitive patient data and enables strong authentication when accessing health services -- both online at connected hospital terminals and offline at rural clinics or ambulance systems.
Data Stored on the Card
Healthcare smart cards typically contain several data groups protected by different access control policies:
| Data Group | Content | Access Control |
|---|---|---|
| Insurance credentials | Policy number, insurer ID, coverage tier | PIN or biometric |
| Emergency data | Blood type, allergies, chronic conditions, emergency contacts | No PIN (emergency access) |
| Prescription history | Recent prescriptions, dispensing records | PIN + provider certificate |
| Certificate store | Patient PKI certificates for e-prescriptions | PIN-protected key access |
| Audit log | Last N access records (who, when, what) | Read-only, card-managed |
National Implementations
Several countries have deployed healthcare smart cards at national scale:
- Germany (eGK) -- Elektronische Gesundheitskarte, mandatory for all insured residents. Contact chip card with PKI certificates for electronic prescriptions and health record access.
- France (Carte Vitale) -- contact smart card storing social security credentials and enabling automated health insurance reimbursement.
- Taiwan (NHI Card) -- contactless-capable health insurance card used by 99.9% of the population, storing visit records and prescription data.
Security Architecture
Healthcare cards implement multi-level access control:
- Emergency access -- critical medical data (allergies, blood type) readable without authentication, enabling paramedic access.
- Patient-consented access -- PIN or biometric verification required for insurance and prescription data.
- Provider-authenticated access -- health professional cards (HPC) with CVC certificates must authenticate to the patient card before accessing detailed medical records.
The card's PKI capabilities, based on RSA or ECC keys stored in the secure element, enable digital signatures on electronic prescriptions and patient consent forms.
Interoperability Standards
Healthcare smart cards follow domain-specific standards layered on top of ISO 7816:
- ISO 21549 -- patient healthcard data structure
- EN 14890 -- application interface for healthcare smart cards
- IHE (Integrating the Healthcare Enterprise) -- cross-vendor interoperability profiles for card-based patient identity
Related Content
常见问题
The smart card glossary is a comprehensive reference of technical terms, acronyms, and concepts used in smart card technology. It covers protocols (APDU, T=0, T=1), security (Common Criteria, EAL, HSM), hardware (SE, EEPROM, contact pad), and applications (EMV, ePassport, eSIM). It serves developers, product managers, and engineers.
Yes. SmartCardFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai.