FAQ

How do I set up my own Endpoint?

Other FAQs

Before explaining how to do this, a brief description of how the MediCam send process works in necessary.

It is possible to send reports to an endpoint via HTTP or HTTPS. It is also possible to specify if the reports should be encrypted in the app prior to being sent. Obviously, it is possible to send reports that are encrypted in the app as well as sending via HTTPS also. This is recommended. If using HTTP you should make sure that reports are always encrypted in the app before being sent. This is a big security vulnerability if not!

Whether a report is send via HTTP or HTTPS is merely a matter of which protocol is specified when an institution is added. "http://endpoint.medicam.io" would send it via HTTP and "https://endpoint.medicam.io" would send it via HTTPS.

Encryption options

Below we will discuss the different processes relating to whether the report is encrypted in the app before sending or not.

Process when sending to an endpoint

Encrypt the report in the app prior to sending

In the diagram above see the pink lines. When a user composes a "report" in the app and presses the "Submit" button...

  1. The app fetches a "key" from a "Key Server". All that Key Server does is dishes out keys and logs who access those keys when a report is opened. When running your own endpoint and encrypting reports before being sent you must setup your own Key Server.
  2. The app packages up the media, the data, and a PDF into a "Report". This Report is then encrypted using the "key". The report is then packaged along with the location of the key server into ".medicam" file. The app sends the report to endpoint (URL).
  3. The endpoint receives the .medicam file and sends a request to the Key Server to get the key to decrypt the report. It then decrypts the report and in turn sends it on.
  4. The endpoint can then be configured to send to report another location (e.g. a patients medical record).
Don't encrypt the report in the app prior to sending.

In the diagram above see the green lines. When a user composes a "report" in the app and presses the "Submit" button...

  1. The app packages up the media, the data, and a PDF into a "Report". The app sends the report to endpoint (URL).
  2. The endpoint receives the Report (zipped file that contains the media, data and PDF).
  3. The endpoint can then be configured to send to report another location (e.g. a patients medical record).
Run your own Endpoint Server

An Endpoint is basically a server that hosts middleware that your IT department will need to create. It simply takes reports uploaded to the endpoint and moves them into your medical record system. MediCam does not perform this integration. MediCam provides a sample Ruby on Rails application that does this. It is an easy task to write something similar in another language.

To trial this system, you do not need to set up your own endpoint yet - we have a test endpoint setup but please note, all reports are visible to the public. DO NOT USE IT FOR LIVE PATIENT DATA.

To test it out do the following:

  1. Open the MediCam app and tap on "Settings".
  2. Tap on "Institutions Medical Record" and then the "Add" button in the top right.
  3. In "Send type" select "Post (Dynamic Key)", enter the name of your institution (e.g. "My Hospital"), in the "Endpoint" field enter "http://endpoint.medicam.io", and leave the "Key Server" field blank.
  4. Tap the "Save" button in the top right and go back to the main form.
  5. Now in the main form, in the "Send to" options there will be a "My Hospital" listing under "Institutions". Tap on that.

Now you are able to send reports to the email you set up. When you "Submit" the report will be uploaded to the demo endpoint. Once finished uploading, if you go to http://endpoint.medicam.io/ you will see the report you uploaded. Obviously under normal circumstances a page like this would not be visible to the public.

Instruct users to use your Endpoint Server (and Key Server if using it)

There is, of course, one more step. We have to instruct users to use the Endpoint you have set up. To do this they have to do the following:

  1. Open the MediCam app and tap on "Settings".
  2. Tap on "Institutions Medical Record" and then the "Add" button in the top right.
  3. In "Send type" select "Post (Dynamic Key)", enter the name of your institution (e.g. "My Hospital"), enter the "Endpoint" URL (e.g. http://endpoint.medicam.io), and in the "Key Server" field enter the URL of your Key Server (e.g. https://key.medicam.io) if you have set up one, otherwise leave it blank.
  4. Tap the "Save" button in the top right and go back to the main form.
  5. Now in the main form, in the "Send to" options there will be a "My Hospital" listing under "Institutions". Tap on that.

Now you are able to send reports and it will be encrypted using the Key Server you set up.


For more details on how to setup your own Key and/or Endpoint Server please see the Integrations Section of this website.