Versions Compared

Old Version 2

changes.mady.by.user Srinivas Tirunahari

Saved on

compared with

New Version Current

changes.mady.by.user Srinivas Tirunahari

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

DPG

General Information

Solution name
AMRIT

...

Website

https://amrit.piramalswasthya.org/

Alternate Email Address
amrit@piramalswasthya.org

Where is your solution’s source hosted?
https://github.com/PSMRI/

Key Features of AMRIT

  • ABHA Creation & Verification: AMRIT facilitates the creation and verification of ABHA, a unique digital health ID for every Indian citizen.
  • Secure Access to Health Data: The platform ensures that access to electronic medical records is strictly based on consent, ensuring privacy and security.
  • Nationwide Unified Health Data: By integrating with ABDM, AMRIT consolidates health records from different providers into a unified digital system, promoting continuity of care and data availability across healthcare settings.
  • Consent-Based Sharing: Patients control the sharing of their medical records, ensuring data security and privacy.

SDG RELEVANCE

Which SDG/s is your solution relevant to?
SDG3: Good Health and Well-Being

How is your solution relevant to each SDG you’ve selected above?
SDG3 – AMRIT has been used across several organizations to provide primary healthcare, which includes family planning, mother-and-child care, adolescent health, NCDs, and in preventing alcoholism in rural and tribal settings within India.

  1. Open Licensing

Which open license(s) is/are used by your solution?
GNU General Public License v3.0

Provide evidence of use of the selected open license(s).
https://github.com/PSMRI/AMRIT/blob/main/LICENSE

Clear Ownership

...

Does this solution use any closed components that create proprietary dependency?
No

Documentation

Where is your solution’s documentation?

Non-PII Data Extraction

Does your solution collect or uses non-PII data and/or content?
Yes

Describe the mechanism for extracting or importing non-PII data from or into the system in a non-proprietary format.

Privacy & Applicable Laws

Provide a list of relevant privacy, domestic and other applicable international laws your solution complies with.

Provide evidence(s) of adherence with the laws mentioned above.Open Standards & Best Practices

Provide a list of the open standards your solution adheres to and demonstrate adherence.

Provide a list of best practices & principles your solution adheres to and demonstrate adherence.

9A. Data Privacy & Security Measures

9B. Security Protocols to Safeguard AMRIT Servers

AMRIT takes extensive measures to secure its servers and prevent unauthorized access or attacks:

  • Firewall Configuration: A robust SOPHOS firewall is in place to block malicious incoming traffic and protect against external threats.
  • SSL Certificates for Data Encryption: SSL certificates are used to ensure secure communication between clients and servers, safeguarding data integrity during transmission.
  • SSH Security for Server Access: SSH keys and other secure protocols are implemented to restrict access to server systems, protecting them from unauthorized administrative actions.
  • Password Management: Default passwords are strictly prohibited, and strong, randomized passwords are enforced for all internal systems, preventing unauthorized access and minimizing risk.

Amrit servers is hosting personal data & medical data for citizens & therefore must be properly protected to ensure privacy & security. Your country will likely also have laws & compliance requirements like HIPPA, GDPR, CCPA, PDP, etc. – which need to be adhered for storing citizen data. Unlike paper-based mechanisms, data from computer systems can be hacked, copied, modified or destroyed very quickly by malicious actors – and it is imperative to take server security very seriously.

...

9C. Inappropriate & Illegal Content

Does your solution collect / store / distribute content?
Content is NOT collected NOT stored and NOT distributed.

9D. Protection from Harassment

Does your solution facilitate interactions with or between users and/or contributors?
Yes

How does your solution enable users and contributors to protect themselves from harassment.
The software is not intended for underage users and is expected to be used by professionals in clinical settings. The product does not indicate any harmful intentions in its vanilla state and hence does not restrict the users from accessing

9.E Scale of Solution

Where is this solution developed?
India

...

Who else is using your solution?

Has your solution received any awards and/or recognition in the last one year?

Conclusion and Request for DPG Approval

AMRIT is designed to be a secure, reliable, and user-friendly platform for managing electronic medical records in India. With its advanced encryption, access control, and compliance with industry standards, AMRIT provides a robust foundation for ensuring the privacy and security of health data.

By securing AMRIT’s technical infrastructure and following strict protocols such as SSL encryption, SSH security, and firewall protection, we aim to ensure that sensitive health data is well protected against potential security threats. We request the approval for DPG, as we believe that AMRIT’s compliance with regulatory and security measures meets the requirements for a secure, interoperable digital health solution in India.