The nomela® infrastructure is secure, fully integrated and separate from any local Healthcare IT.
Patient confidentiality is protected by “pull” access for reports to be added to Electronic Patient Records.
The nomela® infrastructure
Securing dedicated iPads
The nomela® medical test software is controlled and pushed by a Mobile Device Manager (MDM) to designated iPads which are configured automatically for approved users.
The nomela® software runs without internet connectivity as a single application on the iPad.
All links to iCloud are disabled through the MDM.
Securing transmission from iPads to AWS Server
nomela® uses a fully managed Amazon Web Services (AWS) environment that aligns with the National Cyber Security Centre (NCSC) Cloud Security Principles and the Centre for Internet Security (CIS) Critical Security Controls, which are primary considerations for UK-OFFICIAL compliance.
Each iPad is configured to run only nomela® software so there is no risk of a user introducing malware via an email attachment or a rogue website. All communication between the iPad and the AWS server has end to end encryption and is centrally managed through the MDM.
Data and images are uploaded to the AWS server through 4G rather than WiFi avoiding another potential security risk. As soon as a 4G link is established and the images and data uploaded they are deleted from the iPad.
This provides an unprecedented level of security.
Securing integration with NHS and other Healthcare IT Systems
There are different NHS IT systems in use both in Primary and Secondary Care. nomela® does not require any output from these systems and only needs to enable nomela® reports to be added to Electronic Patient Records.
To simplify implementation, nomela®’s stand-alone infrastructure can offer pull access to a nomela® report by any NHS IT system.
The following diagram is for example only:
