[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] encryption of documents in archive
|
From: |
Busser, Jim |
|
Subject: |
Re: [Gnumed-devel] encryption of documents in archive |
|
Date: |
Thu, 9 Jan 2014 19:53:56 +0000 |
On 2014-01-09, at 5:54 AM, Karsten Hilbert <address@hidden> wrote:
> On Wed, Jan 08, 2014 at 11:14:07PM +0000, Jim Busser wrote:
>
>> OTOH there may exist some documents so confidential (sexual
>> or psychiatric related) as to want to restrict
>> anyone but clinicians to be able to open them.
>
> Those could be encrypted before import.
My first reaction was "well, you would be unable to combine this encrypted
document, perhaps a PDF, together with unencrypted files, into a single PDF
however it may not be necessary for an export to achieve such combining, they
could just be zipped. I suppose the keys that would be needed to decrypt the
one-or-more encrypted contents could be supplied to the receiver in a separate
transaction.
A big problem would however arise if GNUmed was to store enrypted documents,
the keys to which were inaccessible to anyone but an importing clinician who
had stored the key somewhere else, or nowhere.
It seems to me the risk of losing the key would make the above approach a
non-starter. I cannot get my head around importing, into GNUmed, a document
which could never be opened except by the solitary holder of a secret key
inaccessible to GNUmed.
That is why any such encryption should, I think, be overseen by GNUmed as part
of importing a document.
A mini-project could be as follows:
1) call to some reputable open source software (like GPG)
2) point GPG to the document that is to be encrypted
3) auto-archive the now-encrypted document, and
4) ask for, and store, the randomly-generated key
except #4 would need a suitable place to have been identified (if not
developed) in the schema
Borrowing a row in the patient's comm channels could work, and that row could
be marked confidential, but could risk having to create a series of channel
"types" (key1, key2, key3 …) each pointing, in the Comment field, to the
document to which it relates. This would make it a very limited solution. Maybe
it could, in the course of time, be migrated to security or permissions tables
if GNUmed were to later develop these.
-- Jim
signature.asc
Description: Message signed with OpenPGP using GPGMail
- Re: [Gnumed-devel] encryption of documents in archive, (continued)
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/07
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/07
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/08
- Message not available
- Message not available
- Message not available
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Busser, Jim, 2014/01/08
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/09
- Re: [Gnumed-devel] encryption of documents in archive,
Busser, Jim <=
- Re: [Gnumed-devel] encryption of documents in archive, Karsten Hilbert, 2014/01/09