NeHA’s vision is to serve Cypriot citizens, patients, and the healthcare community in its whole as well as decision makers, funding bodies and stakeholders, for the next decades to come. Furthermore, NeHA actively engages in the Xt-EHR and CY-EHDS-2ND projects, facilitating primary and secondary use, respectively, effectively implementing the EHDS regulation.
Currently we focus on developing a mobile application designed to provide citizens with access to their Patient Summary (PS). This initiative aims to enhance healthcare delivery and patient access to medical information, ensuring that critical health data is easily accessible and securely managed. The mobile application is targeted to all Cypriot citizens over the age of 18 and any organisations that has access to medical data.
Considering the reference architecture, in the case of this adoption site, the following blocks are considered:
| Security, Privacy & Authentication | We use CYLogin, the national authentication system. Users can also log into the mobile app via biometric authentication. When sharing medical data, additional security measures include a mandatory 8-digit passcode, an expiration time for link access, and a safeguard that blocks the link after five incorrect passcode attempts until the user re-enables it. |
| Data Management | Mobile Gateway is the core component that handles communication between the mobile app and all other services. The app interacts exclusively with the Gateway, which manages data creation, visualization, and transformations, returning only the necessary information to the mobile application. The citizen has the possibility to download the patient summary in machine format, as well as share it through SmartHealth link. The patient can share this link via scanning a QR code, email or SMS and upon accessing the link, the receiver will be directed to our website. After providing the correct passcode, the receiver can see or download the shared medical information. |
| Consent repository | We have not yet finalized how user consent will be managed. The most likely scenario is that the Smart Health link created in the mobile app will also serve as the user’s consent to share their medical resources, as they are the creator and distributor of the link. |
| Consent Management | Similar to the consent management component, this has not been finalized yet. If implemented, the consent repository will be hosted on our Mobile Gateway. |
| MyHealth@EU Connector | Cyprus is in final testing phases before going live with our MyHealth@EU Connector. We expect to go soon live and able to communicate with other contact points in the production environment. The Connector facilitates cross-border health data exchange within the MyHealth@EU infrastructure. The connector pulls relevant medical information from the country’s designated National Contact Point and gives also the ability for translations of patient summary. |
| Smart Links | We implemented a first version of the solution. The Mobile Gateway generates the link based on the Smart Health Link protocol and returns the URL to the mobile app. The app then creates a QR code from that link, which the citizen can share. The recipient scans the QR code, enters the passcode, and if correct, the Mobile Gateway sends the medical document, allowing it to be viewed, downloaded, and more. |
| Data repository | There are two repositories, the first one is in our Mobile Gateway service and the other is in our NCPeH system. In the first repository we store all data related to functionalities of the mobile application and in the NCPeH repository we have the patient summary. |
| Audit repository | This component will be implemented on our Mobile Gateway server. It will track the creation, access, and deletion of Smart Health links, as well as other actions performed by users within the mobile application. |
As an implementation scenario, the next figure shows how the different blocks are implemented and interconnected in the specific case of this adoption site.
Continue with the development of the mobile application adding new features, namely the linked-option feature, and also connecting the mobile application with the OpenNCP infrastructure on production.
solomou.theodoros@gmail.com
