The Wound Mapp add-on (ver 1.3.3 at the time of writing) to the MedImage Server is intended to be used in a small organization e.g. a GP practice. Although performance-wise it could handle a larger set of users, the security is relatively light-weight.
If you are using this software across e.g. a hospital, or multiple-site installation, we can only recommend usage for evaluation purposes, at present. If you choose to take live patient photos, you would be strongly advised to keep this software completely on your own internal networks and limit access to the machines that can see the server. We are working towards building an enterprise version, which includes individual logins and multiple organization access rights.
The Wound Mapp ‘lite’ version, therefore, has the following security characteristics:
- A single password login
- Encrypted, secure transfer of images and other content, provided you use a secure domain and keys
- If you can login, any user can export organization-wide meta data
- The browser will remember a password that has been entered. Please log out (click the ‘padlock’ on the search page in your browser), if you do not wish the next user on the machine to access the wound photos
- If you are on an external machine, for demonstration purposes, please use a private browser window and delete the window after use.
- You can restrict access to the target wound photo folders via standard Windows network logins.
This software therefore does not meet the HISO or HIPAA medical software standard recommendations for providing every user with their own individual login, at present.