
Encryption, key sharing infrastructure

Open codingbandit opened this issue 3 years ago • 3 comments

All PII (contacts, medical information) needs to be encrypted/decrypted from a blob. When PII is shared, keys need to be shared to other users to decrypt the information.

  • Needs a specification

codingbandit avatar Sep 15 '21 18:09 codingbandit

Not sure if this will work for what we're trying to accomplish but Cosmos does support always encrypted now. At a minimum it would ensure the data in the database is encrypted.

https://devblogs.microsoft.com/cosmosdb/always-encrypted/

dpaquette avatar Oct 14 '21 21:10 dpaquette

Does HIPAA apply? I only ask because of the storage of medical information.

I've worked on systems where some fields in a record were encrypted in the database. Only the application server had the keys to encrypt and decrypt these fields. The data was considered too sensitive to expose even to the database admins.

A similar mechanism could be used here. It could be implemented as part of the api service.

oneolddev avatar Nov 08 '21 03:11 oneolddev

While I don't think HIPAA applies since its purpose is to stop medical institutions from utilizing patient data outside of treatment, we do have a responsibility for privacy - and we have no need to access any of the data that the user enters into the system. It can be stored as an encrypted blob that can be backed up in the cloud if the user wishes, and also synced across other devices within the family.

Also, I'd like to move away from asking specific medical questions that might confuse or concern folks - I'd rather have large unstructured fields that allow the user to enter whatever they think they need. We can offer suggestions for them, but the detail fields are largely unnecessary.

RichardCampbell avatar Nov 08 '21 19:11 RichardCampbell
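An added example (not code from the TwoWeeksReady project) of the blob-plus-shared-keys design discussed in this issue: each record is sealed under its own random data key, and that key is wrapped per user so it can be passed to a family member without re-encrypting the record. It assumes only Go's standard library; the user ids, the RSA-OAEP wrapping and the Envelope layout are my own choices, not anything the project specifies.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)
// Envelope is the stored blob: PII ciphertext plus the DEK wrapped per authorised user, so the service never holds a DEK in clear.
type Envelope struct {
	Nonce, Ciphertext []byte            // AES-256-GCM nonce and sealed PII
	WrappedDEK        map[string][]byte // user id -> data key (DEK) under that user's RSA-OAEP public key
}
// newGCM builds the AEAD for a DEK; the err parameter lets callers chain it onto unwrap().
func newGCM(dek []byte, err error) (cipher.AEAD, error) {
	if err != nil { return nil, err }
	block, err := aes.NewCipher(dek)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}
// Seal encrypts pii under a fresh random DEK and wraps that DEK for the record's owner.
func Seal(pii []byte, ownerID string, ownerPub *rsa.PublicKey) (*Envelope, error) {
	buf := make([]byte, 32+12) // 256-bit DEK (buf[:32]) followed by a 96-bit GCM nonce
	_, err := rand.Read(buf)
	gcm, err := newGCM(buf[:32], err)
	if err != nil { return nil, err }
	env := &Envelope{Nonce: buf[32:], Ciphertext: gcm.Seal(nil, buf[32:], pii, nil), WrappedDEK: map[string][]byte{}}
	env.WrappedDEK[ownerID], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, ownerPub, buf[:32], nil)
	return env, err
}
// unwrap recovers the DEK for one user, failing if that user was never granted access.
func unwrap(env *Envelope, userID string, priv *rsa.PrivateKey) ([]byte, error) {
	if w, ok := env.WrappedDEK[userID]; ok { return rsa.DecryptOAEP(sha256.New(), nil, priv, w, nil) }
	return nil, errors.New("no key wrapped for user " + userID)
}
// Open decrypts the PII for one user: unwrap their DEK, then open the GCM ciphertext.
func Open(env *Envelope, userID string, priv *rsa.PrivateKey) ([]byte, error) {
	gcm, err := newGCM(unwrap(env, userID, priv))
	if err != nil { return nil, err }
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}
// Share grants a family member access without re-encrypting: unwrap the DEK with the holder's key, re-wrap for the new user.
func Share(env *Envelope, holderID string, holderPriv *rsa.PrivateKey, newID string, newPub *rsa.PublicKey) error {
	dek, err := unwrap(env, holderID, holderPriv)
	if err != nil { return err }
	env.WrappedDEK[newID], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, newPub, dek, nil)
	return err
}
```

Because every grant is a wrapped copy of the same DEK, revoking a user means rotating the DEK and re-sealing the record, not just deleting their entry.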