bradymiller wrote on Thursday, November 03, 2011:
Hi,
I would suggest looking into using mysqldump(will work in windows) rather than shutting down the database for backups.
I think both the current e-prescribing and labs modules are unidirectional (the calls are made from the local OpenEMR instance to the outside server), so the tunneled connection shouldn’t be needed to secure these. Z&H or MI2 can correct me if I’m wrong.
-brady
yehster wrote on Thursday, November 03, 2011:
While security is a concern for all of patient portal, ePrescribing and Lab interface, the communications protocols are ultimately different for all three as are the remote entities with whom the “onsite OpenEMR instance” is talking to. Some of the concepts and ideas in securing each item are relevant to the others. However, ultimately these are three different and distinct problems. It’s four different problems if you consider “patient portal” as being either the ZH portal or the portal provided in openemr/patients/
The NewcropRx is “bidirectional” that’s one of the big advantages right now of it over my Allscripts method. It loads prescriptions that might have been entered from something other than OpenEMR back into OpenEMR.
The lab module imports data back into OpenEMR.
I can’t describe the protocols used for the lab module or the ePrescription through NewcropRX, but I’m fairly certain they don’t use the SOAP method the ZH portal uses, or the various MySQL dump, read-only connection or replication methods I’m proposing as options for openemr/patients.
zhhealthcare wrote on Thursday, November 03, 2011:
@yester
ZH and MI1 developed the interface for the newcrop eRx as well as the Lab. We replicated the eRx protocols exactly in order to develop the Portal. Therefore I can assure you it uses SOAP calls.
I am not unduly worried at this stage on the security: if it is good for something as sensitive as eRx it should be good for me. Of course I am open to better ideas.
My intent is this: currently only static IP emr are able to use the patient portal. I want to make it such that others without a static IP can use it as well. Some kind of a technology where the EMR will communicate to the portal its current IP every time it comes online.
Shameem
www.zhservices.com
yehster wrote on Thursday, November 03, 2011:
@Shameem,
Thanks for enlightening me on how NewcropRx and the lab interfaces work. Since they both use SOAP like the portal do you need a Static IP to use them as well?
bradymiller wrote on Friday, November 04, 2011:
Hi Shameem,
The security issue is mainly, as brought up by cverk, the fact that OpenEMR needs to be open to the internet for the patient portal to work (as I recall, both newcroprx and the labs module do not need to be open to the internet, because the calls all originate from OpenEMR).
-brady