[英]HIPAA Compliant Android Apps I Can Invoke Via Intents
My company has a customer which is requesting we can provide PDF and media content which is HIPAA compliant through our Android app. 我公司有一个客户,要求我们可以通过我们的Android应用程序提供符合HIPAA要求的PDF和媒体内容。 I was wondering if there are any existing apps out there for viewing Media and PDFs, which are HIPAA compliant, that I can invoke via an intent. 我想知道是否可以通过意图调用现有的应用程序来查看符合HIPAA要求的媒体和PDF。 I would prefer to pass via the intent a URL to stream the content from, which I can control its security, or an encrypted file and key to the intent. 我希望通过意图传递一个URL来流传输内容(可以控制它的安全性),或者加密文件和意图的密钥。
My understanding on what chagnes I need to make to be HIPAA compliant is to make sure we never save these media/PDF files to disk or if we do we encrypt them. 我对要符合HIPAA标准需要做些什么的了解,是要确保我们永远不要将这些媒体/ PDF文件保存到磁盘上,或者如果我们这样做,我们就要对其进行加密。
As far as media content is concerned, I can currently play the media content in a MediaPlayer but after doing some research I have found no information if the MediaPlayer internal implementation is either HIPAA compliant or not. 就媒体内容而言,我目前可以在MediaPlayer中播放媒体内容,但是经过一些研究后,我没有发现MediaPlayer内部实现是否符合HIPAA的信息。 I've tried digging through the source of Video and MediaPlayer and can not conclude either way if this stores anything on the internal storage of the device. 我已经尝试挖掘Video和MediaPlayer的来源,并且如果在设备的内部存储中存储了任何内容,则无法得出任何一种结论。
With PDFs, I rely entirely on 3rd party applications for downloading and viewing the PDF files. 对于PDF,我完全依靠第三方应用程序来下载和查看PDF文件。
A backup solution is to include 3rd party applications for media/PDFs and modify anything that would need changing to be HIPAA compliant. 一个备份解决方案将包括用于媒体/ PDF的第三方应用程序,并修改任何需要更改以符合HIPAA要求的内容。
In the Android ecosystem, third-party and HIPAA compliance are just about mutually exclusive. 在Android生态系统中,第三方和HIPAA遵从性几乎是互斥的。
By firing off an intent, you are delegating the next action to the OS and to the user--you have very limited control over what app gets launched, and though unlikely, you could very well wind up passing PHI to Sketchy NSA Phone-Home PDF Scraper Pro ™. 通过发出意图,您将把下一个动作委派给操作系统和用户-您对启动什么应用程序的控制非常有限,尽管不太可能,但您很可能最终将PHI传递给Sketchy NSA Phone-Home PDF Scraper Pro ™。
Admittedly, I'm not sure where the software's responsibility ends and the end-user's begins under HIPAA. 诚然,我不确定在HIPAA下软件的责任在哪里结束,最终用户从哪里开始。
Never say never, but you will probably need to incorporate a reader into your app. 永不言败,但您可能需要将阅读器整合到您的应用中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.