This profile defines a mechanism for adding Digital Signatures to Structured Reports or Key Object Selection Documents where there is no more than one Verifying Observer. Instances that follow this Digital Signature Profile shall include at least one Digital Signature at the top level of the Data Set.
All Digital Signatures that follow this profile shall include a Digital Signature Purpose Code Sequence Attribute (0400,0401).
As a minimum, an implementation shall include the following attributes in generating the Digital Signature required by this profile:
the SOP Class UID
the Study and Series Instance UIDs
all attributes of the General Equipment Module that are present
the Current Requested Procedure Evidence Sequence
the Pertinent Other Evidence Sequence
the Predecessor Documents Sequence
the Observation DateTime
all attributes of the SR Document Content Module that are present
If the Verification Flag is set to “VERIFIED” (and the SOP Instance UID can no longer change) at least one of the Digital Signatures profile shall have the purpose of (5,ASTM-sigpurpose,”Verification Signature“) and shall also include the following Attributes in addition to the above attributes:
the SOP Instance UID
the Verification Flag
the Verifying Observer Sequence
the Verification DateTime
Notes: The system may also add a Creator RSA Digital Signature, which could cover other attributes that the machine can verify.
All occurrences of Referenced SOP Instance MAC Sequence (0400,0403) shall have the Value of MAC Algorithm (0400,0015) set to either "RIPEMD160", “MD5”, “SHA1” , “SHA256”, “SHA384” or “SHA512”..
The Digital Signature shall be created using the methodology described in the Base RSA Digital Signature Profile. The Application Entity shall determine the identity of the signatories and obtain their certificate through an application-specific procedure such as a login mechanism or a smart card. The conformance statement shall specify how the application identifies signatories and obtains certificates.
Note: Structured Report RSA Digital Signatures bear no direct relationship to other Digital Signatures. However, other Digital Signatures, such as the Creator RSA Digital Signature, may be used to corroborate the timestamp of a Structured Report RSA Digital Signature.