MedCubes Framework - Security and Access

Healthcare data is extremely sensible, therefore the demands for security and encryption is very high. With MedCubes we are covering multiple security layers

MedCubes Framework - Security Layers

The connection between client and server is using encrypted protocols. Access to our web services is only possible with a preceding login and limited security tokens. MedCubes encrypts external documents when they are saved into our document system. When creating the indexes for these documents for full-text research we are excluding sensitive patient data like name, ID´s or security numbers. Access to all these documents is only possible via the integrated MedCubes permission system.

The MedCubes data layers can handle multiple customers and - underneath them - multiple tenants in one database. When starting the environment we can define, which tables are specific to a single tenant, which are accessible by all tenants of one customer and what tables are globally defined. So it is possible to create a customer-wide patient index for example.

Due to our experience with large customers we are also knowing that the roll-out from one installation to another is normally very time-consuming. MedCubes Framework supports this with integrated deployment and copy features for all areas of the main data. So you can start within the first installation and adopt the default settings to your user´s needs. Then you simply copy these settings - including desktops, permission, workflows, … - within one step to the next installation.

The MedCubes Framework also handles all users, the customers and tenants they can access and every function of the MedCubesApps within the permission system. Access rights for data and functions are defined in profiles and simply assigned to your users. You can define special permissions depending on the actual selected patient. For example your user has rights to edit patient diagnoses in his own department, can view the diagnoses of selected other departments but has no right to view the diagnoses of the neurology department for example. For users in special service units - for example X-Ray - or second opinions you can event grant temporally rights for the time they are answering your orders or questions.