Re: [Care2002-developers] Education Provision

[Elpidio Latorilla]

On Wednesday 18 February 2004 02:23, Terry Galloway wrote:
> 1.The idea of sharing data between institutions is an excellent         one
> as Elpilidio has stated, however there are data protection issues that need
> to be explored.

I dont know your data protection policies yet but anyway we can explore a 
possible solution theoritically.

Principle:
The person is the sole owner of his data and has the exclusive right to decide 
who is allowed to access it (except in cases of "emergency").

Technical solution:
The student whose data are stored in the university database will be given an 
official form (paper or electronic) where he can decide whether he will allow 
outside agents to access his data. If no, then the data are flagged as 
"this_inst_only". If yes, then he can check which outside agents are allowed 
access.

Example form:

Allow access for outside agenst  [Yes]  [No]
If yes pls. check the ff: agents:

[ ] All outside agents
[ ] Rural clinic 1
[ ] City General Hospital
[ ] Dr. Smith GP

Signature ___________________________

All selected agents will then be included in the flag. Once an outsider 
requests access to the data, the system will check whether he is on the list 
of allowed agents.

Regarding "emergency" cases,  there is a big problem here. Although it is 
technically very easy for the agent to send an "emergency" code together with 
the access request, how will the system know that this is a legitimate 
"emergency" case? 

Any ideas, or tested solutions for this?

Regards,
elpidio


-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id56&alloc_id438&op=click
_______________________________________________
Care2002-developers mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/care2002-developers