Before explaining how to do this, a brief description of how the PicSafe send process works in necessary.
It is possible to send reports to an endpoint via HTTP or HTTPS. It is also possible to specify if the reports should be encrypted in the app prior to being sent. Obviously, it is possible to send reports that are encrypted in the app as well as sending via HTTPS also. This is recommended. If using HTTP you should make sure that reports are always encrypted in the app before being sent. This is a big security vulnerability if not!
Whether a report is send via HTTP or HTTPS is merely a matter of which protocol is specified when an institution is added. "http://endpoint.picsafe.com" would send it via HTTP and "https://endpoint.picsafe.com" would send it via HTTPS.
Below we will discuss the different processes relating to whether the report is encrypted in the app before sending or not.
In the diagram above see the pink lines. When a user composes a "report" in the app and presses the "Submit" button...
In the diagram above see the green lines. When a user composes a "report" in the app and presses the "Submit" button...
An Endpoint is basically a server that hosts middleware that your IT department will need to create. It simply takes reports uploaded to the endpoint and moves them into your medical record system. PicSafe does not perform this integration. PicSafe provides a sample Ruby on Rails application that does this. It is an easy task to write something similar in another language.
To trial this system, you do not need to set up your own endpoint yet - we have a test endpoint setup but please note, all reports are visible to the public. DO NOT USE IT FOR LIVE PATIENT DATA.
To test it out do the following:
Now you are able to send reports to the email you set up. When you "Submit" the report will be uploaded to the demo endpoint. Once finished uploading, if you go to http://endpoint.picsafe.com/ you will see the report you uploaded. Obviously under normal circumstances a page like this would not be visible to the public.
There is, of course, one more step. We have to instruct users to use the Endpoint you have set up. To do this they have to do the following:
Now you are able to send reports and it will be encrypted using the Key Server you set up.
For more details on how to setup your own Key and/or Endpoint Server please see the Integrations Section of this website.