No joke: rezepte.lol app promises safe sharing of the e-recipe token


The Android app Recipes.lol is intended to simplify the use of e-recipes. The app allows policyholders to scan, import and store e-prescriptions and enables end-to-end encryption when sharing the e-prescription code. So far it has only been possible to share the 2D code required for the e-prescription with different messengers or an encrypted e-mail. The app is currently available in Early Access for Android devices. There are two ways to share the recipe in the app. The first option opens a “sharesheet” with all the services available on the smartphone.

Developer Tobias Schwerdtfeger and UX designer Felix Handschuh started the project on the side. Accordingly, the design of the Recipes.lol app is somewhat unconventional. The two employees of the future national health agency Gematik GmbH took the Withdrawal of the Association of Statutory Health Insurance Physicians in Schleswig-Holstein (KVSH) as a test region for the e-prescription on the occasion for the app. At the request of the KVSH, the independent state data protection officer there, Marit Hansen, had examined alternative and simpler options for sharing the e-prescription token that were not foreseen by those responsible at the start of the test. However, she concluded that it was not secure to transmit the token to patients without end-to-end encryption – for example with an email.

With “Share securely”, all available recipe information is uploaded to a server in encrypted form and the person receives a link that can be shared. This can only be opened with the Recipes.lol app and is only valid for a short time.


E-prescription token secure sharing app in progress

You have to be sick to test. (Image: Recipes.lol)

Once a link is generated, the data for the recipe is not yet uploaded to the phone. Generating the link is initially intended to create a secure channel, which can then be shared via a messenger. After the recipient accepts the link in the app, the sender receives a message that is encrypted with the sender’s public key.

The sender and recipient compare a one-time code. After confirmation, the information is encrypted with the recipient’s public key and shared. This type of sharing currently only works within the app. In the future, it should be possible to connect the app to the practice management system (PVS) and thus share it from within the system.

The app uses the e-prescription code to read the access code (access code) and the unique ID of the e-prescription (task ID). Pharmacies transmit this information to the e-prescription server of Gematik GmbH, which is responsible for digitizing the healthcare system. Since the app developers do not have access to the information received by the pharmacies, they say they use Google’s ML Kit text recognition software.

When sharing, the app uses a Google cloud service. Only servers from the European Union are used to process the data (data storage: Belgium, Netherlands; processing: Belgium). The photos for the e-prescriptions are deleted after they have been read out. According to the developer, the app processes the following data, which is exclusively on the smartphone:

  • Task ID
  • Access Code
  • Creation date of the recipe
  • issuing person
  • Name des Medikaments
  • Pharma central number (PZN)


(mack)

Source link

READ
Recipes in the stream: star chef Maria Groß conjures up desserts
Previous The Walking Dead: Seasons 1 to 11 - These characters survived the entire series
Next Ukrenergo explained why the light disappeared everywhere and when it will appear - Ukraine - tsn.ua