From 6c5a66982098c34b90dab3a8f02872ca5098ee80 Mon Sep 17 00:00:00 2001
From: Jason Kulatunga
Date: Mon, 6 Nov 2023 13:13:16 -0800
Subject: [PATCH] vault backup: 2023-11-06 13:13:16
---
 .obsidian/workspace.json | 14 +++++++-------
 technical/installation-id.md | 25 +++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 7 deletions(-)
 create mode 100644 technical/installation-id.md
diff --git a/.obsidian/workspace.json b/.obsidian/workspace.json
index d40dff5..e361dbc 100644
--- a/.obsidian/workspace.json
+++ b/.obsidian/workspace.json
@@ -53,7 +53,7 @@
 "state": {
 "type": "markdown",
 "state": {
- "file": "news/industry-news.md",
+ "file": "funding.md",
 "mode": "source",
 "source": false
 }
@@ -170,7 +170,7 @@
 "state": {
 "type": "backlink",
 "state": {
- "file": "news/industry-news.md",
+ "file": "funding.md",
 "collapseAll": false,
 "extraContext": false,
 "sortOrder": "alphabetical",
@@ -187,7 +187,7 @@
 "state": {
 "type": "outgoing-link",
 "state": {
- "file": "news/industry-news.md",
+ "file": "funding.md",
 "linksCollapsed": false,
 "unlinkedCollapsed": true
 }
@@ -210,7 +210,7 @@
 "state": {
 "type": "outline",
 "state": {
- "file": "news/industry-news.md"
+ "file": "funding.md"
 }
 }
 },
@@ -241,9 +241,11 @@
 "command-palette:Open command palette": false
 }
 },
- "active": "8fe76b87431e4584",
+ "active": "8360a188f8a1d092",
 "lastOpenFiles": [
+ "technical/installation-id.md",
 "technical/grants/sbir-sttr.md",
+ "news/industry-news.md",
 "roadmap.md",
 "technical/grants",
 "technical/marketplace/apple-store.md",
@@ -271,8 +273,6 @@
 "technical/LICENSE_MANAGEMENT.md",
 "technical/LOINC_SNOMED_TERMINOLOGY_SERVER.md",
 "technical/NETWORK_ARCHITECTURE.md",
- "technical/PATIENT_DATA_COLLECTION.md",
- "technical/PERSISTENT_DATABASE.md",
 "Untitled.canvas",
 "banner-transparent.png",
 "img/Screen Shot 2022-11-23 at 9.09.22 PM.png",
diff --git a/technical/installation-id.md b/technical/installation-id.md
new file mode 100644
index 0000000..b6a715a
--- /dev/null
+++ b/technical/installation-id.md
@@ -0,0 +1,25 @@
+---
+title: Installation ID
+parent: Technical
+---
+
+While Fasten has been able to integrate with 27,000+ health care institutions, some of the
+largest institutions are pushing back because they have concerns about the potential for abuse
+given the way the Fasten Lighthouse works.
+
+> Just a refresher, Fasten Lighthouse is an auth gateway, providing a publicly accessible server for the provider to
+> redirect the user to (with their OAuth code) after authentication. Fasten Lighthouse then redirects the user to their
+> local/localhost installation of Fasten where the code is swapped for an Access Token. (In some cases the Fasten
+> Lighthouse may also be involved in the OAuth code-> access token swap)
+>
+> See: https://docs.fastenhealth.com/faqs.html#what-is-the-fasten-lighthouse-i-thought-fasten-was-self-hosted
+
+
+Here are their concerns in a nutshell:
+- Fasten Lighthouse is a completely stateless application
+- Theres no way to determine how many users are associated with the same Fasten installation (container/desktop app)
+ - **FEAR**: a Fasten self-hoster may offer their server publicly, providing access to a large number of users without having to agree to or follow the privacy policy and terms of use that I shared with the provider to get API credentials.
+- Fasten Lighthouse doesn’t(cant?) do any validation that it’s redirecting to an “official” Fasten application
+ - **FEAR**: a completely separate application could use Fasten Lighthouse with their app, completely ignoring the audit and security review process that the Provider has in place for vetting new applications.
+
+Both of these concerns are completely valid, given the 10’s of millions of healthcare records some of these Healthcare providers protect.