Implementation Details and FAQs

This page is to include all the big and small caveat in the Patient data components.

Can the datasets be downloaded if the hospital has not approved?

No, it can't be downloaded, it's a 2 level consent, first, the sender hospital has to approve the data exchange process, following which a consent notification is sent to the patient. Once the patient provides their consent, the requesting hospital can download the data.

What data is downloaded at each time?

Every time the requested party clicks on downloading the datasets, the no. of patients that have given their consents at that particular moment would be downloaded.

In which database and collection is these consents are stored and managed?

There is a JavaScript file called createCollections.js, which handles this task and stores the consent in the mydb database and PrescriptionRecords collection.

Safety of the Patient Level Data

The core encryption logic involves an asymmetric encryption architecture and a GCM block cipher with AES encryption. The Encryption/Decryption Module is implemented as prescribed by NDHM using a Java Library called bouncycastle. So, the Data Exchange happens in a safe and secure manner.