Short answer: Yes.
Before you go to the trouble of doing this, you may want to consider whether it is necessary. There is already, of course, an implicit understanding and ethical obligation that doctors act appropriately. Adding additional technology measures to limit where a report is sent adds undue complexity to the app. We feel it is far easier for a doctor to use the existing built-in address book (in the phone) to email reports to people they know and trust.
However, we understand that, in certain situations, it may be appropriate to limit where PicSafe reports can be sent
If you manage the IT department of an institution and it is vital that reports are not shared outside of the organisation, you will need to set up your own "Key Server".
When a user composes a "report" in the app and presses the "Submit" button...
If you decide to run your own Key Server it is possible to put a rule in there that means the key server will only give the key to decrypt reports to PicSafe users who have an email address that ends in "@myhospital.com" (for example).
To set up your own Key Server, PicSafe provides a turnkey Docker image. It allows you to very simply set up and host your own Key Server and can be easily configured to whitelist or blacklist certain email addresses. For example, you could add a rule that says only PicSafe users that have an email address that ends in "@myhospital.com" can access the key to unlock reports.
The final step is to instruct your users to use the Key Server you have set up. To do this they have to do the following:
Now you are able to send reports and it will be encrypted using the Key Server you set up.
For more details on how to setup your own Key Server please see the Integrations Section of this website.