On Monday 25 September 2006 07:37, Andrew Cameron wrote: > How do you restrict access to the main patient db but still allow web > access the the appointments ? > Seems scarey to me.
Appointments are hosted on one server. Medical records on another (the "real" server) Web access to patient records happens through middleware on the appointments server via email: - patient requests record access (authenticated via user name + password on SSL protected link) -> middleware server receives request -> displays "please wait, retrieving record" auto-refreshing page -> send *email* to real server with different (internal) authentication details -> real server receives email, verifies authentication, collates record, and *posts* it to the middleware server -> form processing script extracts session identifier from post, and displays the result under the correct URL so that the patient can see it. Nothing gets cached. That means that nothing other than appointments really gets stored on the one server tat is accessible from the outside world - the middlewar server is listed in the "hosts.deny" table on the real server so that even if it gets hacked, nobody can intrude further from there. Horst _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
