Can we limit who a doctor can send a report to?

Short answer: Yes.

Is it necessary?

Before you go to the trouble of doing this, you may want to consider whether it is necessary. There is already, of course, an implicit understanding and ethical obligation that doctors act appropriately. Adding technical measures to limit where a report is sent adds undue complexity to the app. We feel it is far easier for a doctor to use the existing built-in address book (in the phone) to email reports to people they know and trust.

However, we understand that, in certain situations, it may be appropriate to limit where PicSafe reports can be sent.

How the send process works

If you manage the IT department of an institution and it is vital that reports are not shared outside of the organisation, you will need to set up your own "Key Server".

Process when sending via email

When a user composes a "report" in the app and presses the "Submit" button...

  1. The app fetches a "key" from a "Key Server". By default the app uses a Key Server run by PicSafe. The Key Server dishes out keys and records who accesses those keys when a report is opened.
  2. The app packages up the media, the data, and a PDF into a "Report". This Report is then encrypted using the "key". The report is then packaged along with the location of the key server into a ".picsafe" file. The app opens the default mail program on the device and attaches the encrypted report. The user then picks to whom they want to send the report just like composing a normal email.
  3. When the recipient receives the email they will be prompted to open the .picsafe file in the PicSafe app.
  4. When they do, the app will open the .picsafe file and get the location of the key server. It will then send a request to the key server asking for the key to decrypt the report. Along with this request it sends the user's information, thereby giving us an "audit trail" of who has accessed the report. Once the key is received the app will decrypt the report and the recipient can see its contents.

Run your own Key Server

If you decide to run your own Key Server it is possible to put a rule in there that means the key server will only give the key to decrypt reports to PicSafe users who have an email address that ends in "@myhospital.com" (for example).

To set up your own Key Server, PicSafe provides a turnkey Docker image. It allows you to very simply set up and host your own Key Server and can be easily configured to whitelist or blacklist certain email addresses. For example, you could add a rule that says only PicSafe users that have an email address that ends in "@myhospital.com" can access the key to unlock reports.
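
The kind of rule described above, as an added example that is not PicSafe's Key Server code or the Docker image's configuration format. The function names and the blocked address are hypothetical, and it assumes the Key Server has already verified the email address the requester presents. It parses the address and compares the domain exactly instead of testing the raw string suffix, and it logs denied requests as well as released keys.

```python
# Added example: hypothetical key-release policy, not PicSafe's Key Server code.
from datetime import datetime, timezone

ALLOWED_DOMAINS = {"myhospital.com"}                 # domain from the page's example
BLOCKED_ADDRESSES = {"former.staff@myhospital.com"}  # constructed sample entry


def normalise(email):
    """Return (local, domain) in lower case, or None if the address is malformed."""
    if not isinstance(email, str):
        return None
    email = email.strip()
    # Exactly one "@" and no embedded whitespace or control characters.
    if email.count("@") != 1 or any(c.isspace() or ord(c) < 32 for c in email):
        return None
    local, domain = email.split("@")
    if not local or not domain:
        return None
    return local.lower(), domain.lower()


def may_release_key(email):
    """Allow only an exact match on an allowed domain, minus blocked addresses."""
    parts = normalise(email)
    if parts is None:
        return False
    local, domain = parts
    if f"{local}@{domain}" in BLOCKED_ADDRESSES:
        return False
    return domain in ALLOWED_DOMAINS


def handle_key_request(email, report_id, audit_log):
    """Decide, and record every attempt so denials also appear in the audit trail."""
    allowed = may_release_key(email)
    audit_log.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "email": email,
        "report_id": report_id,
        "decision": "release" if allowed else "deny",
    })
    return allowed
```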

Instruct users to use your key server

The final step is to instruct your users to use the Key Server you have set up. To do this they have to do the following:

  1. Open the PicSafe app and tap on "Settings".
  2. Tap on "Institutions Medical Record" and then the "Add" button in the top right.
  3. In "Send type" select "Email", enter the name of your institution (e.g. "My Hospital"), leave the "Endpoint" field blank, and in the "Key Server" field enter the URL of your Key Server (e.g. https://key.picsafe.com).
  4. Tap the "Save" button in the top right and go back to the main form.
  5. Now in the main form, in the "Send to" options there will be a "My Hospital" listing under "Institutions". Tap on that.

Now you are able to send reports and they will be encrypted using the Key Server you set up.

For more details on how to set up your own Key Server, please see the Integrations Section of this website.