This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
How to require 2-factor authentication or multi-factor authentication (or client-side end-to-end encryption) for consumers of Observable Framework dashboards? #1450
Labels
enhancement
New feature or request
For the health care use cases at @onefact, we rely on @observablehq's Framework regularly.
However, for clinicians to be able to make predictions and decisions (or financial engineers at hospitals/hospital-connected entities like private equity fund resource allocators), we need to comply with federal laws like the Health Insurance Portability and Accountability Act.
I was able to confirm with the @observablehq team that the platform is not HIPAA-compliant unfortunately, so we are rolling our own feature.
Does anyone else need this?
Happy to make this contribution from @onefact as we have some headcount for the summer.
Examples of our tests with Observable so far that I can share (the work with clinicians and clinics is private by federal law, as protected health information is unable to be shared or we will lose a lot of money due to the HIPAA violations):
Examples with de-identified semi-public health care data I've trained language models (e.g. http://arxiv.org/abs/1904.05342) on:
HTH happy to chat if anyone else needs this feature, our focus is hospitals, tertiary care centers, and clinics in low- and middle-income countries that tend to need on-device compute (due to internet connectivity), but HIPAA-compliance is still the gold standard we start from for these use cases 🙏
The text was updated successfully, but these errors were encountered: