forked from DPGAlliance/publicgoods-candidates
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ihris.json
119 lines (119 loc) · 4.9 KB
/
ihris.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
{
"name": "iHRIS",
"clearOwnership": {
"isOwnershipExplicit": "Yes",
"copyrightURL": "https://github.com/iHRIS/iHRIS"
},
"platformIndependence": {
"mandatoryDepsCreateMoreRestrictions": "No",
"isSoftwarePltIndependent": "",
"pltIndependenceDesc": ""
},
"documentation": {
"isDocumentationAvailable": "Yes",
"documentationURL": [
"https://github.com/iHRIS/iHRIS",
"https://www.ihris.org/developers-guide",
"https://www.ihris.org/ihris",
"https://ihris.github.io/iHRIS/"
]
},
"NonPII": {
"collectsNonPII": "Yes",
"checkNonPIIAccessMechanism": "Yes",
"nonPIIAccessMechanism": "Some data collected would be non-personally identifiable such as facility data. Data can be imported through CSV, API, or through a FHIR server."
},
"privacy": {
"isPrivacyCompliant": "Yes",
"privacyComplianceList": [
"General Data Protection Regulation (GDPR)"
],
"adherenceSteps": [
"Only collect and retain data necessary, we have data security policies and procedures are the key, the system has data encryption, authentication, and authorization",
"Local laws about data storage are reviewed to determine how and where data is stored. Data sharing agreements are established so that the core software developers can access system to perform diagnosis of issues, fixes, updates, etc.: \n https://www.ihris.org/toolkit-new/pilot/presentation-creating-a-data-sharing-agreement/",
"Privacy policy - https://www.ihris.org/privacy",
"Terms of use - https://www.ihris.org/terms-use"
]
},
"standards": {
"supportStandards": "Yes",
"standardsList": [
"FHIR",
"mCSD"
],
"evidenceStandardSupport": [
"https://www.ihris.org/global-standards",
"https://github.com/iHRIS/iHRIS/tree/master/ihris-backend"
],
"implementBestPractices": "Yes",
"bestPracticesList": [
"We adhere to the Principles of Digital Development and the Health Data Governance Principles and IntraHealth has endorsed both sets of principles and is listed under the endorsements for each. \n https://healthdataprinciples.org/endorse \n https://digitalprinciples.org/endorse/endorsers/"
]
},
"doNoHarm": {
"preventHarm": {
"stepsToPreventHarm": "Yes",
"additionalInfoMechanismProcessesPolicies": "We ensure strong data privacy and security practices are in place in the software and hosting environments and where possible work with stakeholders to put local policies in place. iHRIS has secure access, using authorization and authentication, for only limited number of users, differing levels of access permissions and roles, and allows for customizations to adhere to local laws and procedures"
},
"dataPrivacySecurity": {
"collectsPII": "Yes",
"typesOfDataCollected": [
"iHRIS collects demographic data, education, training, and work history of health workers. that data is owned by the respective country MOH."
],
"thirdPartyDataSharing": "No",
"dataSharingCircumstances": [
""
],
"ensurePrivacySecurity": "Yes",
"privacySecurityDescription": "Authentication, authorization, and other privacy and security features are built into the application. The backend is secured and not exposed except through an API that requires secure tokens."
},
"inappropriateIllegalContent": {
"collectStoreDistribute": "No",
"type": "",
"contentFilter": "",
"policyGuidelinesDocumentationLink": "",
"illegalContentDetection": "",
"illegalContentDetectionMechanism": ""
},
"protectionFromHarassment": {
"userInteraction": "Yes",
"addressSafetySecurityUnderageUsers": "Yes",
"stepsAddressRiskPreventSafetyUnderageUsers": [
"iHRIS users are all government MOH employees, or employees of implementing partners, or other agencies suc as professional councils. the system is not available publicly. "
],
"griefAbuseHarassmentProtection": "No",
"harassmentProtectionSteps": [
"iHRIS does not have a code of conduct for the core software, though these are sometimes put in place locally. Primary users are employees of the government Ministry or subnational Human Resource units. Any relevant terms of use and mechanisms/processes/policies are developed in each country in accordance with local laws and regulations, rather than being embedded in the core software package."
]
}
},
"locations": {
"developmentCountries": [
"Uganda",
"Rwanda",
"United States of America"
],
"deploymentCountries": [
"Botswana",
"Benin",
"Democratic Republic of the Congo",
"Ethiopia",
"Guinea",
"Laos",
"Kenya",
"Liberia",
"Malawi",
"Mali",
"Nepal",
"Nigeria",
"Senegal",
"Togo",
"Sierra Leone",
"Tanzania",
"Timor-Leste",
"Uganda",
"Zambia",
"Namibia"
]
}
}