I'm hoping I can pick some of your brains regarding a current client project I'm involved with.
Without going into too many details, the client has asked me to produce a system to track a particular type of NHS patient record. An iPad app will be used to scan this document into the system, where it will be securely transmitted via an API to a backend system that can only be accessed from the various premises belonging to the client.
Now I'm not a security expert, neither am I completely ignorant on how to build secure systems. Client has sent me lots of NHS literature regarding IT/security policies for storage of patient data.
My main concern is that no matter what I do I'm potentially leaving myself exposed to a world of pain here and I'm wondering what the best way of approaching this is. I'm covered by professional indemnity insurance and there's a limit to my liability in my terms and conditions but the way I see it, the less I can get involved in the final production deployment the better - I'm not a systems administrator.
Client needs recommendations on where to host the backend application. The client application is less of a concern as it will not store any patient identifiable data. Backend is written in Ruby on Rails and it needs to be hosted on a UK-based provider.
Backend admin and access to API will be restricted to known IPs at the firewall level. Site will be served with SSL and all API traffic will be encrypted with SSL + public key pinning on the client. Client devices need to be registered by admins using their own login credentials, which will be exchanged for a secure authentication token which can be revoked at any time. Uploaded documents will be stored on an encrypted cloud document provider at rest and in transit. I'm also investigating encryption at the database level. Obviously strict controls need to be in place regarding who can access production servers and how. I intend to recommend my client has the application audited before deployment into production.
I was considering recommending using Brightbox Cloud and their Orbit cloud object storage service:
https://www.brightbox.com
https://www.brightbox.com/cloud/storage/
Any general advice? What regulatory issues do I need to be aware of here? How would you approach this? Developing the software itself is not a complicated task, but I am aware I'm a bit out of my depth on the deployment side of this.
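The credential-for-token exchange and "revoke at any time" requirement described in the post, as an added example in plain Ruby (not the poster's code and not tied to any particular Rails model). The in-memory store and the device identifiers are assumptions standing in for a database table; the point it shows is that the server only ever persists a digest of the token, so a leaked table does not yield usable bearer tokens.

```ruby
# Added example: minimal model of per-device bearer tokens with revocation.
# Assumptions: an in-memory Hash stands in for a DB table; a Rails app would
# put the same logic in a model backed by a migration with a unique index on
# token_digest.
require 'securerandom'
require 'digest'
require 'time'

class DeviceTokenStore
  Record = Struct.new(:device_id, :digest, :issued_at, :revoked)

  def initialize(max_age_seconds = 90 * 24 * 3600)
    @records = {}                  # token digest => Record (constructed store)
    @max_age_seconds = max_age_seconds
  end

  # Issue a fresh 256-bit random token for a device after the admin has
  # authenticated with their own credentials. Only the SHA-256 digest is
  # persisted; the raw token is returned exactly once to the registering device.
  def register(device_id, now = Time.now.utc)
    token = SecureRandom.hex(32)
    digest = Digest::SHA256.hexdigest(token)
    @records[digest] = Record.new(device_id, digest, now, false)
    token
  end

  # Resolve a presented token to a device id, or nil if it is unknown,
  # revoked or expired. Looking up by digest means the comparison never
  # touches the raw secret, and a random 256-bit token cannot be guessed.
  def authenticate(token, now = Time.now.utc)
    return nil if token.nil? || token.empty?
    record = @records[Digest::SHA256.hexdigest(token)]
    return nil if record.nil? || record.revoked
    return nil if now - record.issued_at > @max_age_seconds
    record.device_id
  end

  # Revoke every token held by a device (lost iPad, leaver, suspected misuse).
  # Revocation is a flag rather than a delete so an audit trail survives.
  def revoke_device(device_id)
    @records.each_value { |r| r.revoked = true if r.device_id == device_id }
    nil
  end
end
```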