[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] encryption of documents in archive
|
From: |
Karsten Hilbert |
|
Subject: |
Re: [Gnumed-devel] encryption of documents in archive |
|
Date: |
Wed, 8 Jan 2014 10:49:45 +0100 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Tue, Jan 07, 2014 at 11:51:24PM +0000, Jim Busser wrote:
> > Do people think it is worthwhile to make available
> > on-demand encryption of documents stored in the
> > archive ?
>
> I am of two minds on this.
>
> Part of me thinks it could be very helpful (prudent, even)
> to have the *capacity* to encrypt a set of files,
While that seems evident it has a serious legal drawback
(and that is when it matters to the provider): IF a given
document, the disclosure of which is under scrutiny, wasn't
encrypted EVEN IF the capacity existed easily for the user
a judge will certainly ask why. If the capacity doesn't
exist at the user level the question doesn't bear as much
weight.
> in order to
> avoid copies of these files to be
>
> - sitting insecurely out in the file system of a praxis client machine or
> server
That is not what I am talking about. Documents in the archive
don't sit around in a filesystem as files just so, neither
in the client nor on the server.
User-invisible temporary files are stored on storage that's
wiped out during reboot (/tmp/).
> - or transported insecurely by the patient who may
> lose their USB stick or CD in transit or misplace it
Patient documents under the custody of said
patient cannot be of concern to GNUmed.
> Challenges would be found in
>
> 1) the selection of the cryptographic system(s) … symmetric, asymmetric, or
> multiple options to support, and
> 2) management of the keys
Indeed, but they would be outsourced
to well-tested applications.
> Patients who have the sophistication to manage a key
> pair could provide the praxis with a public key with which to
> encrypt the files, which key could be stored as a comm
> channel in the existing schema, and which encrypted file
> output could be copied onto USB stick or CD or
> even emailed as an attachment. The task would then fall to
> the patient to decrypt these at their home or at a
> future point of care.
Why store documents in the praxis which the praxis
can't read ? This is custodian work, not medicine.
Karsten
--
GPG key ID E4071346 @ gpg-keyserver.de
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
- [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/06
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/07
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/07
- Re: [Gnumed-devel] encryption of documents in archive,
Karsten Hilbert <=
- Message not available
- Message not available
- Message not available
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/09
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/09
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/09