Brief description of the solution

PasientLink enables patients to contact their regular GP over the Internet. Patients use a Web browser to write their questions and read the answers. They log on using a user name and password, and a one-time code which they receive as an SMS text message sent to their mobile phone number.

• The principal requirement is that the solution must satisfy the provisions of Norway's new Personal Data Act (Personvernloven) and it must not present a threat to the general security of the health network. This entails three key requirements which influence the choice of architecture:
   Health information must not be sent out of the health network to computers that may not be adequately secured. This makes it impossible to use traditional solutions based on e-mail.
   No communication with computers that hold patient-sensitive information must be initiated from an unsecured zone.
   A form of two-phase authentication is required as access control. This excludes a system based only on passwords. Typically, it is necessary to use an additional unit such as a smart card or a code calculator. In PasientLink, a mobile telephone is used.
• The cost per patient must be very low. The unit cost for adding new patients must not be higher than the standard amount of the patient's contribution for a GP consultation. This excludes solutions that require the installation of physical units at the patient’s home, and also makes it virtually impossible to base the system on solutions that require the installation of software (due to the costs of support).
• The solution must make it possible to send text both ways. In the longer term, multimedia content and other structured datatypes should be supported .

  ---

  <<

  E-mail this

  Share on Facebook
  Share on Twitter