Data privacy and security

The engagement of best practices and techniques for successful security engineering is required for the security and infrastructure services of any national eHealth system. In this framework, eHealth4U adopts certain technologies to guarantee that all its services are designed and developed considering secure engineering principles. ​

To obtain enhanced security, scalability, high availability and data redundancy eHealth4U uses cloud technology while it leverages a microservices software architecture solution using the Google Kubernetes engine. ​

Furthermore, all actions that take place in the platform are logged for auditing purposes while for authorization and authentication the RFC6749 OAUTH2 open standard is used with claims based on the RFC7519 JSON Web Token (JWT) open standard. ​

Access to the EHR data by authorized healthcare providers may be carried out only when the owner of the data (i.e., the citizen) provides them with a consent. ​