Smart Health Card

Full Title or Meme

A (usually virtual) Smart Card containing at least some Identity and some Health Information, typically vaccination data,

The Smart Health Card is one of a series of SMART health specifications initiated by Boston Children's Hospital often with Harvard and other Boston hospitals.

Context

• What are SMART Health Cards? The (SHC) Web Site from Boston Children's Hospital.
• The primary context is the Kantara Health Care Profile.
• There is a commercial effort in Microsoft as part of VCI to take ownership of this term for the VCI that they belong to using DIDs. The SHC is structured like a Verifiable Credential using FHIR formatted data from HL7 EHRs, but there is no ability to give patients control of the data that is released from the SHC.

Design Goals

1. Support end-to-end workflow where users receive and present relevant healthcare data
2. Enable workflow with open standards
3. Support strong cryptographic signatures
4. Enable privacy preserving data presentations for specific use cases

Use Cases

• Authentication and Information Sharing occurs when a Relying Party scans or downloads the card and checks the user name and birthdate against other ID, like a driver's license.
• Apple iOS 15 can capture and share the Smart Health Card.
• Verifiable Health Records support for Apple EHR vendors describes that the SHC is included in the health app rather than in the wallet.

Technical Details

• Smart Health Card Technical Specs
• Github for smart health cards
• Github for smart health cards dev tools

The overall JWS payload matches the following structure (before it is minified and compressed):

{
 "iss": "<<Issuer URL>>",
 "nbf": 1591037940,
 "vc": {
   "type": [
     "https://smarthealth.cards#health-card",
     "<<Additional Types>>",
   ],
   "credentialSubject": {
     "fhirVersion": "<<FHIR Version, e.g. '4.0.1'>>",
     "fhirBundle":{
       "resourceType": "Bundle",
       "type": "collection",
       "entry": ["<<FHIR Resource>>", "<<FHIR Resource>>", "..."]
     }
   }
 }
}

Embedding in QR codes

• The Smart Health Card is typically embedded in a JWS (JOSE) format with a header, payload and signature block for verification. While it can be transported in many media, the commonly used method is in a QR code displayed on paper in stored as a photo in a smart phone.
• Each JWS string that appears in the Verifiable Credential of a .smart-health-card file can be embedded in one or more QR codes. We aim to ensure that printed (or electronically displayed) codes are usable at physical dimensions of 40mmx40mm. This constraint allows us to use QR codes up to Version 22, at 105x105 modules. When embedding a JWS string in QR codes, the JWS string SHALL be encoded as Numerical Mode QR codes consisting of the digits 0-9 (see Encoding Chunks as QR codes).
• On iPhones the default behavior of scanning a QR Smart Health Card is to ask to store the VC in the Apple Wallet.
• WARNING the size recommended above can be scanned by modern (in 2021) smart phone with a high resolution camera, but cannot be resolved by most PC cameras or less expensive smart phones.

References

• Smart Health Card Example in typescript on Windows