Technical Implementation
Attributes
Security and flexibility
The system around attributes is an abstract and flexible layer in which we can securely store credentials in encrypted form with reference to a specific user.
Uniqueness
These attributes are unique for the entire user-base per attribute identifier.
Performance
For these reasons we've created a hash mechanism to lookup these attributes within encrypted values in the fastest way possible.
Users
All personal information is encrypted at rest and in transit, it is required for us to exchange this information with other services and make available from our API and thus this information is decrypted (JIT) before returning the response with data.
Password Hashing
We're using the Argon2 industry standard for password hashing.*
Two factor authentication
As per "security of processing" art. 32 GDPR we've taken the appropriate actions to ensure we can allow a sense of security by allowing users to enable two factor authentication for their account, this is completely optional.
Professions and specialisms
Professions and specialisms are used in order to segment group(s) of user(s) for particular access levels for various applications and accreditation requirements of Healthcare Professionals.
Professional associations
This profile information is for user groups that are primarily used for accreditation purposes and in order to validate their Healthcare Professional status with the IQVIA integration.
Access management
All resources and functionality within the administration panel have specific permissions, this makes it possible to get granular permissions for certain administrative users to access only certain resources and functionality required.
Permissions
Every resource and functionality has their own specific rules that can be attached to either users and/or roles directly.
Roles
Roles are like groups, that can contain a set of permissions, allowing to simplify certain tasks required for certain users to execute and grant them permissions directly.