For many organisations (particularly educational institutions), we have created a Single Sign On (SSO) link so users who are logged into the educational institution's network/intranet can also log into NewHealth.
When logging in, we receive a (nick)name, an external User ID and an organisation identifier via that SSO link. The (nick)name comes from the educational institution's system. We store the external User ID and the user's name. The name is displayed when logging in to personalise the user experience.
At organisations that do not use SSO, users create their own accounts, which can be done using a fictitious name. The only requirement is a working email address to which the user has access.
It is therefore not the case that use via an SSO is “anonymous”, because we store the name that comes from the educational institution's system. It is anonymous in the sense that no one other than the person themselves has access to the data. We only report statistics (e.g. which modules are used) to the educational institution on condition that there are more than 50 users at the educational institution in question, so that data cannot be traced back to an individual person.
It is also anonymous in the sense that the account details (externalUserId and name) are stored separately from the data that users enter in modules. Both the account details and the module data are encrypted. In the unlikely event that the database containing module data is hacked, that data cannot be traced back to an individual, because it is only linked to the account details via an internal key.
Was dit artikel nuttig?
Dat is fantastisch!
Hartelijk dank voor uw beoordeling
Sorry dat we u niet konden helpen
Hartelijk dank voor uw beoordeling
Feedback verzonden
We stellen uw moeite op prijs en zullen proberen het artikel te verbeteren