Frequently Asked Question:

What is data sovereignty and what does it have to do with medical photos?


Data sovereignty is the idea that data are subject to the laws and governance structures of the nation in which they are collected. Where data are deemed to be collected can become a little murky once you factor in the location of the servers that store them. Here we will try to clear this up as it concerns sending and storing clinical photos with PicSafe.

There are many ways in which patient data can inadvertently end up travelling internationally. The most common are:

  1. Photos in your phone gallery. You take a photo on an iPhone, the photo is stored in the gallery, and the gallery is backed up to Apple's servers. Or, you take a photo on an Android phone, the photo is stored in the gallery, and the gallery is backed up to Google's servers.
  2. Photos in an email. You send an email with a photo in it to someone using a mail provider based in another country (Gmail, Yahoo, Microsoft, etc.).
  3. Photos in messaging apps. You send an SMS or WhatsApp message with a photo in it to someone. It is now sitting on their phone, and that phone may be taken internationally.
  4. Photos in third-party storage services. You use a file storage service such as Box, Dropbox, Google Drive or OneDrive.

None of these things needs to be avoided, and indeed they provide valuable services. Depending on how you use them, however, you can fall foul of privacy laws when handling patient data.

There are over 100 national data privacy laws in effect, with a dizzying array of requirements under specific circumstances. As a general rule, we have found that patient data should not be accessible to anyone outside the patient's home legal jurisdiction except where explicit consent is given on a per-use basis. See National Comprehensive Data Protection/Privacy Laws and Bills 2018.

Let us go over how you can protect yourself and your patients' data under each scenario.

1. Photos in your phone gallery.

Don't use the default camera app on your phone for taking patient photos. Further, when you take a photo from within many messaging apps (WhatsApp included), the photo appears in the phone's gallery. To stop photos being uploaded to Google's or Apple's servers you can turn off automatic backup, but that is fiddly and inconvenient.

PicSafe has been designed in such a way that as soon as you send/store photos, they are removed from your phone. They never appear in your gallery.

2. Photos in an email.

There are special encrypted email services; however, they are often expensive and rely on both parties using the same service. There is also the issue of who has access to the keys used to decrypt the email.

PicSafe allows you to attach an encrypted file to an email, meaning that no patient data is visible to prying eyes while the email travels over the Internet. The keys used to encrypt the files are distributed through a "Key Server". PicSafe hosts a Key Server that any PicSafe user can use, or an institution can choose to run its own. Either way, the key needed to decrypt a file is not stored on the same server that stores the email and the data, and the key cannot be fetched without permission being granted and the access being logged.

3. Photos in messaging apps.

Much the same as with photos sent by email, photos sent through messaging apps can be accessed in transit or while stored. Many services encrypt messages, but even end-to-end encryption does not make this safe: once photos are viewed on a recipient's phone, they are stored on that phone, and you have no control over where that phone goes or who has access to it.

PicSafe's solution is not to embed the photo in the message but to put a link to the photo in the message instead. The link points to a file hosted on My PicSafe. My PicSafe has servers in Australia, Canada, Ireland, the UK, and the USA, which means that for users in these countries, patient data will not leave the country. This is how a PicSafe user sends a photo securely:

  1. Take a photo.
  2. The app fetches a key and encrypts the data into a file.
  3. The app uploads the file to "My PicSafe" and generates a link.
  4. You can send the link via a messaging app.
  5. The recipient opens the link (either on their phone or on their computer).
  6. The recipient is prompted to either create a PicSafe account or sign in (thereby verifying who they are).
  7. The app or browser fetches a key to decrypt the file. Every time a key is fetched it is logged.
  8. The app or browser decrypts the file and displays the contents.
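A constructed model of the key-server flow above (and of the encrypted email attachment described in section 2), added here as an illustration: it is not PicSafe's code, and it assumes AES-256-GCM, a random file ID standing in for the link, and an in-memory map standing in for My PicSafe. The point it shows is that the store holds only ciphertext, the key lives elsewhere, and no key leaves the Key Server without an identity and a log entry.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeyServer models the "Key Server": per-file AES-256 keys kept apart from the
// file store, released only to a signed-in user, with every attempt logged.
type KeyServer struct {
	keys map[string][]byte // file ID -> key
	Log  []string
}
func NewKeyServer() *KeyServer { return &KeyServer{keys: map[string][]byte{}} }
func randBytes(n int) []byte { b := make([]byte, n); rand.Read(b); return b }
func gcm(key []byte) cipher.AEAD { // keys are always 32 bytes, so neither call fails
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	return aead
}
// Fetch is steps 6-7: no signed-in identity means no key; every attempt is logged.
func (ks *KeyServer) Fetch(fileID, user string) ([]byte, error) {
	key, ok := ks.keys[fileID]
	ks.Log = append(ks.Log, fmt.Sprintf("user=%q file=%s granted=%v", user, fileID, ok && user != ""))
	if user == "" || !ok {
		return nil, errors.New("sign in required and file must exist")
	}
	return key, nil
}

// Send is steps 1-3: fresh key, encrypt with the file ID as associated data, upload.
func Send(ks *KeyServer, st map[string][]byte, photo []byte) string {
	fileID := fmt.Sprintf("%x", randBytes(8))
	ks.keys[fileID] = randBytes(32)
	aead := gcm(ks.keys[fileID])
	nonce := randBytes(aead.NonceSize())
	st[fileID] = aead.Seal(nonce, nonce, photo, []byte(fileID)) // nonce||ciphertext
	return fileID
}

// Receive is steps 5-8: fetch the key as user, then decrypt the stored blob.
func Receive(ks *KeyServer, st map[string][]byte, fileID, user string) ([]byte, error) {
	key, err := ks.Fetch(fileID, user)
	if err != nil {
		return nil, err
	}
	n, blob := gcm(key).NonceSize(), st[fileID]
	return gcm(key).Open(nil, blob[:n], blob[n:], []byte(fileID))
}
```

A tampered blob fails authentication in Open, so a modified file is refused rather than displayed.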

4. Photos in third-party storage services.

Each of the four primary third-party storage services is owned by a US company, and the question of who has access to what data is murky. PicSafe supports all four as we feel that each can be used securely. See the relevant FAQs for how to set up each of Box, Dropbox, Google Drive, and OneDrive. Data sovereignty considerations for each follow.


In late 2016 Box announced "Box Zones" in Canada (Toronto). This enables Canadian customers to store their data locally.

Unfortunately, you must have a Box Enterprise account to use Box Zones. The Box website asks that you contact them to get a quote. Expect to pay around US$35 per month for this service.

Box provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. Box provides a page called: "Box HIPAA and HITECH Overview and FAQs" to assist with implementation.

This "Is Box HIPAA Compliant?" article gives an excellent summary of what Box does and what you should do to comply.


The Dropbox website says all data is stored in data centres across the United States. There is talk of them using Amazon Web Services' data centres in Europe, but the fact that this issue is conspicuously not addressed on the website raises some doubt about using Dropbox outside of the US.

Dropbox has recently added a note on its security page saying "data hosting based in Europe is available for Dropbox Business customers with 250+ seats".

If you decide to use Dropbox, the free "Dropbox Basic" plan may be all you need for a while. That gives you 2 GB of storage, which should be enough for roughly 400 photos. If you require more storage space, you can upgrade to various paid plans with monthly fees.

Dropbox provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. Dropbox provides a help page called: "Dropbox Business and HIPAA / HITECH—an overview" to assist with implementation.

This "Is Dropbox HIPAA Compliant?" article gives an excellent summary of what Dropbox does and what you should do to comply.


Google cannot guarantee that data will be stored in Canada. However, they claim their approach is more secure than keeping everything in a local data centre.

Google provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. To help HIPAA-covered entities use G Suite and Google Drive correctly, Google has released a "Guide for HIPAA Compliance with G Suite" to assist with implementation.

This "Is Google Drive HIPAA Compliant?" article gives an excellent summary of what Google does and what you should do to comply.


Microsoft stores OneDrive data in data centres in Canada for Canadian users.

Microsoft's OneDrive provides a HIPAA-compliant secure storage option, and while HIPAA is a US-based standard for protecting patient privacy, it is viewed by many around the world as the gold standard in patient privacy regulation. Microsoft's Trust Center has a "HIPAA and the HITECH Act" page that states that it is capable of providing HIPAA-compliant secure storage.

This "Is OneDrive HIPAA Compliant?" article gives an excellent summary of what Microsoft does and what you should do to comply.