[thelist] large numbers of secure directories and client uploads: the best option?

deke web at master.gen.in.us
Mon Apr 16 01:27:48 CDT 2001 

On 16 Apr 2001, at 14:23, Tony Page posted a message which said:

> I've a surgeon client who wants to put up a section on his site where
> referring doctors can consult reports on their patients' progress, and
> insurers can do similar. Obviously patient confidentiality is important,
> doctors only get to see their own patients' records. So far no big deal. But
> the numbers involved would be several hundred individual doctors, and my
> client wants his non-technical staff to be able to upload the relevant files
> themselves (probably a hundred or so a month, maybe less). Currently his
> site is on an NT server, but I was considering switching it to unix as at
> the moment I have to request permissions alteration from the sysop which is
> a pain.
> I was thinking of setting up individual directories for the doctors with
> htaccess, and maybe using a proprietary program to allow
> upload/download(deletion). Anybody done this kind of thing before, or who
> has any better suggestions?
> This is not a high budget client!

I'm having to make too many assumptions here to be comfortable;
if any of the assumptions are wrong, it is going to change the way
you want to build the site.

I wouldn't want the hassle of maintaining a whole bunch of password
protected directories. If you use random numbers - *large* random
numbers - as filenames, it's going to be about as secure. Make sure
the server is configured to *not* build an index of files for various
directories; it's too easy for an index.html file to disappear.

You'd set up a form with patient's name, date of service, 
a dropdown box for referring doctor, a dropdown box for insurance
companies, a comment field, and a textarea for data.

Your CGI would HTMLize the data and give it randomnumber.html
as a file name. 

It would also format one row of a table using the patient name,
date of service, comment field, and a link to the randomnumber.html
and add this line to an index file for the referring doctor and the 
insurance company, plus a master index for the surgeon. You 
would want to add a second line to the master index showing
the insurance company and the referring doctor.

These index files would be inserted into a table in an HTML page
via SSI.  The point of doing this, rather that putting the information
into the HTML page directly, is twofold: you can "change the password"
for a doctor or insurance company simply by changing the name of
the HTML file; you don't have to edit the CGI script. These files
should also have long-random-number filenames. When you 
assign or change the name of the doctor or insurance company
HTML pages, you should mail a notice to the doctor or insurance
company that they can click on to access the page. (You might
want to recommend to your surgeon that these pages have the
names automatically changed monthly, because of employee
turnover at those offices.)

I would recommend *not* putting the input-data form on the
server. Have the doctor keep it on the computer hard-drive. This
makes it harder for someone to input spurious data. Put an
authentication code in a hidden field of the form, and that adds
a little more security. 

It is illegal in many places to edit medical records. If a record is
wrong, it shouldn't be edited; a second (corrected) record should 
be uploaded as well.  Your doctor might decide that there should
be a field for comments as well, indicating that this was tonsils 
and adenoids, or a lumpectomy, or an update to an older record.

To add a referring doctor, you need to create a referring doctor 
page of HTML (which could be the same for every doctor, just
changing the one line of SSI) and an empty index file for the
referring doctor, and you need to add an item to the SELECT
of the data input field.  Adding an insurance company would be
very similar.

You could set up routines to archive old data, to change the
names of insurance company pages and referring doctor pages,
to add insurance companies, and referring doctors, but that is
going to add substantially to the project cost. Perhaps the
doctor would prefer to pay you monthly to maintain the site, 
rather than have you build a site his staff can maintain. (Perhaps
you would prefer to have this regular income, too.)

deke











------------------------
 "The church is near but the road is icy; 
  the bar is far away but I will walk carefully." 
                            -- Russian Proverb

More information about the thelist mailing list