Frequently Asked Question:

Can we limit to whom a doctor can send a report?

Short answer: Yes.

Is it necessary?

Before you go to the trouble of doing this, you may want to consider whether it is necessary. There is already, of course, an implicit understanding and ethical obligation that doctors act appropriately. Adding further technical measures to limit where a user can send a report adds undue complexity to the app. We feel it is far easier for a doctor to use the existing built-in address book (on the phone) to email reports to people they know and trust.

However, we understand that, in certain situations, it may be appropriate to limit where a user can send a PicSafe report.

How the send process works

If you manage the IT department of an institution and it is vital to limit sharing of "reports" outside of your organisation, you will need to set up a private "Key Server".

Process when sending via email

When a user composes a "report" in the app and presses the "Submit" button, the following happens.

  1. The app fetches a "key" from a "Key Server". By default, the app uses a Key Server run by PicSafe®. The Key Server issues keys and records who can access those keys when attempting to open a report.
  2. The app packages up a "report" that includes the media, the data, and a PDF. This "report" is then encrypted using the "key". We, in turn, package the "report", along with the location of the Key Server, into a ".picsafe" file. The app opens the default email program on the device and attaches the encrypted report. The user then picks to whom they want to send the report, just like composing an ordinary email.
  3. When the recipient receives the email, they will be prompted to open the .picsafe file in the PicSafe app.
  4. When they do, the app will open the .picsafe file and get the location of the Key Server. It will then send a request to the Key Server asking for the key to decrypt the report. Along with this request, it sends the user's information, thereby giving us an "audit trail" of who has accessed the report. Once the key is received, the app will decrypt the report, and the recipient can see its contents.

Run a private Key Server

If you decide to run a private Key Server, it is possible to put a rule in there that means the key server will only give the key to decrypt reports to PicSafe users who have an email address that ends in "@myhospital.com" (for example).

To set up a private Key Server, PicSafe provides a turnkey Docker image. It allows you to set up and host a private Key Server quickly and can be easily configured to whitelist or blacklist individual email addresses or domains. For example, you could add a rule that says only PicSafe users that have an email address that ends in "@myhospital.com" can access the key to unlock reports.
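The key-release rule described above, as an added sketch that is not PicSafe's code or configuration format: it matches the domain exactly rather than by loose suffix, lets block rules override allow rules, denies by default, and logs every decision for the audit trail. It assumes the Key Server has already verified that the requester controls the email address; the class, field names and sample addresses are hypothetical.

```python
"""Added illustration: key-release decision for a private key server.
Rule names and data shapes are hypothetical, not PicSafe's configuration format."""
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class KeyReleasePolicy:
    allowed_domains: set = field(default_factory=set)    # e.g. {"myhospital.com"}
    allowed_addresses: set = field(default_factory=set)
    blocked_domains: set = field(default_factory=set)
    blocked_addresses: set = field(default_factory=set)
    audit_log: list = field(default_factory=list)

    @staticmethod
    def _split(email):
        """Return (address, domain) in lower case, or None if malformed."""
        email = email.strip().lower()
        local, sep, domain = email.rpartition("@")
        if not sep or not local or not domain or "@" in local:
            return None
        # Reject display-name tricks and address lists smuggled into one field.
        if any(c.isspace() or c in '<>,;"' for c in email):
            return None
        return email, domain

    def decide(self, email, report_id):
        """Decide whether to release the key for report_id; log the decision."""
        parsed = self._split(email)
        if parsed is None:
            released, reason = False, "malformed address"
        else:
            address, domain = parsed
            if address in self.blocked_addresses or domain in self.blocked_domains:
                released, reason = False, "blocked"          # block beats allow
            elif address in self.allowed_addresses or domain in self.allowed_domains:
                released, reason = True, "allowed"
            else:
                released, reason = False, "not on allow list"  # default deny
        # Denied requests are logged too, so attempts from outside are visible.
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "email": email, "report": report_id,
            "released": released, "reason": reason,
        })
        return released
```

Comparing the whole domain, rather than checking that the address merely ends with "myhospital.com", keeps look-alike domains such as "notmyhospital.com" from satisfying the rule.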

Instruct users to use your key server

The final step is to tell your users to use the Key Server you have set up. To do this, they have to do the following:

  1. Open the PicSafe app and tap on "Settings".
  2. Tap on "Institutions Medical Record" and then the "Add" button in the top right.
  3. In "Send type" select "Email", enter the name of your institution (e.g. "My Hospital"), leave the "Endpoint" field blank, and in the "Key Server" field enter the URL of your Key Server (e.g. https://key.picsafe.com).
  4. Tap the "Save" button in the top right and go back to the primary form.
  5. Now in the primary form, in the "Send to" options there will be a "My Hospital" listing under "Institutions". Tap on that.

Now you can send reports, and they will be encrypted using the Key Server you set up.

For more details on how to set up a private Key Server, please see the Integrations Section of this website.