- This topic has 1 reply, 2 voices, and was last updated 7 years, 11 months ago by
.
-
Posts
-
Hi,
As I understand it, all patient records and measurements are stored in the MySql database according to the data model as described http://4s-online.dk/wiki/lib/exe/fetch.php?media=opentele:opentele_fysisk_datamodel_2.0.2.pdfAre there any considerations on the privacy aspects of storing the information in “clear text” in the database? Has there been any discussions with the IT responsible parties of the current installations of the system? And is there any legislation in Denmark that regulates these aspects of the information handling?
Regards,
GeirHi Geir,
The information is as you are saying stored in clear text (unencrypted) in the database underlying OpenTele. I have asked around a bit and it has not been an issue as such here in Denmark. As I understand it it is seen as sufficient that data is protected through perimeter security. That is, that all servers are behind firewalls and other mechanisms securing the network from outside intrusions.
I am not aware of DK legislation that specifically what call for encryption or similar. I believe the wording of the legislation is more generic and calls for protection preventing access to the data if you do not have express consent from the patient or you are actively engaged in treating the patient (“behandlerrelation”).
But mind you, I am no expert on the above matters,
Regards,
Michael
- You must be logged in to reply to this topic.