Single Sign On - Patient Context Sharing Standard
Single sign on is the process where a user logs on once and is able to access a range of applications through multiple channels without having to log on again.
Patient context sharing is the sharing of clinical information across applications so that specific content for a given patient can be immediately displayed without having to reselect it within each application.
This standard allows you to benefit from these two processes and access a range of ehealth solutions including the ConnectingOntario ClinicalViewer and Ontario Telemedicine Network portal.
The single sign on/patient context sharing standard is based on the OASIS* SAML** version 2 specification with additional, custom attributes to support the eHealth Ontario single sign on model. SAML is a standard format, used in federated systems for the purpose of exchanging authentication data.
SAML architecture contains:
- Profile – context around type of operation being performed
- Bindings – details governing how a transaction will proceed
- Protocol – which informs the type of transaction being performed
- Assertions – details about the user including how they were authenticated.
V1.5 provides access to applications with a wider range of information about users, e.g. login location (city or town), professions and specialties, in addition to enhancing patient context and supporting multi-factor authentication. V1.5 continues to support the following:
- Provider identity verification
- Provider authentication and authorization
- Auditing and compliance
- Security and access management
- Provider workflow enhancements (passing patient context).
Adoption of this specification leads to an ecosystem of connected applications, delivering a wealth of patient information, in a secure and trusted fashion to Ontario’s health care providers.
* OASIS is the organization for the advancement of structured information standards.
**SAML is the security assertion markup language standard, which defines a framework for exchanging security information between online business partners.
This document has been exempted from translation under the French Language Services Act as per O. Reg. 671/92. This document is technical in nature and is available in English only due to its limited targeted audience.
This publication has been exempted from translation under the French Language Services Act as per O. Reg. 671/92. This publication is technical in nature and is available in English only due to its limited targeted audience.
March 23, 2017
V1.5: Now available to download
February 15, 2017 - March 16, 2017
V1.5: Ontario EHR Architecture & Standards Governance Committee Approval
January 03, 2017 - January 27, 2017
V1.5: Open Review Period
November 20, 2014
V1.4: Now available to download
November 20, 2014
V1.4: Ontario EHR Architecture & Standards Governance Committee Approval
August 27, 2014 - September 24, 2014
V1.4: Open Review Period