Managing/editing PDFs in a medical service provision setting

Question

Grateful to the Adobe Community for any help or guidance with the following challenge we are trying to solve at my company:

We are looking to provide a service to healthcare providers through which they will upload specific medical image data (DICOM) that includes PHI/PII to a highly secure/very tightly managed cloud-based location; that data will then have PHI/PII elements encrypted/de-identified after which it will be made available to qualified operators to process and analyze the data, ultimately producing a report in PDF format for return to the provider. These operators must not have access or visibility to PHI/PII. The challenge is we want to decrypt the same PHI/PII elements in the PDF report back to the provider - depositing the report in that same highly secure location they uploaded to and effectively re-identifying that data for their further use. These reports will also include the digital signature of the qualified operator, which we want to maintain in the decrypted/re-identified report made available to the provider.
Any suggestions on how we could address this challenge, Community?

try67 · Answer

I don't think PDFs are the right format for this. Once signed, you can't edit them at all.

You need to find a secure way of transferring the data and digitally signing it, such as an encrypted and secured form on an HTTPS server. There are usually also legal definitions of what constitutes a secure location and transfer method for such data in your specific location. You need to rely on those to make sure you are compliant with the law.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded