Our Physician and Nurses end-users need to print sensitive PHI (Patient Health Information) from their mobile devices (both iOS and Android) to local-network printers. We are considering Google Cloud Print as a cross-platform solution for this, however according to Google's documentation the print jobs, including the sensitive patient data, will be sent to Google's cloud and then forwarded to the on-site print server, and finally onto the selected printer. Apple's AirPrint protocol uses end-to-end encryption and the print data never leaves the local network, however as far as I have seen there is no cross-platform (iOS/Android) compatibility.
According to Google Cloud Print FAQ, "Google Cloud Print temporarily stores the data (in a secure manner, only accessible by the user) and print job information as part of the transfer process to the printer. Once the data has reached the printer, all the data is deleted from Google’s servers… all data transfer between apps and Google Cloud Print, and between Google Cloud Print and printers, is over an encrypted connection"
Does Google have access to the sensitive patient data or is it encrypted even to Google's eyes? How can we confirm if Google Cloud Print is HIPAA-compliant?
Is there a white-paper out there on Google Cloud Print privacy and security?
Related
一:I would like to ask some questions about our IOS mobile access to Google IOT Core permission scope authentication. We are planning to use API services from Google IOT Core to access device-specific data;
But we encountered the problem of OAuth authentication, requesting the scope of Google API, it may take up to several weeks, I wonder if this is the case?
OAuth image
My application will use the following request scopes: https://www.googleapis.com/auth/cloudiot, https://www.googleapis.com/ auth / cloud-platform I want to be able to view and manage and manage and Create a registered device.
https://www.googleapis.com/auth/pubsub Want to use this API to publish subscriptions / topics on your phone, receive device data, and assume: temperature, humidity, alarm values, etc. Mobile terminals can access IoT data through HTTPS (https://cloudiot.googleapis.com/v1/{name=projects//locations//registries/*}) nodes.
二:Use Google Cloud Functions to connect to the cloud platform to get device data from IOS;
Google Cloud and the device have been successfully bound and deployed through the console, but it is impossible to understand how to write the Google core API from the cloud function so that the device connects to the cloud, IAM grants permissions, or the private key to access the Google API (Purpose: IOS mobile phone calls Google API through cloud functions, implements JSON interface, and gets device data for IOS) Thank you in advance, thank you!
My article might be helpful for your problem if you're still having this issue, It shows how to connect to IoT Core using CocoaMQTT and SwiftJWT, you can do something similar but instead of connecting to the specific device you could register the device with a given ES256 public key.
Controlling you phone from the cloud
I'm an administrator of a Watson Analytics account. I deal with a huge amount of data that usually comes from a .csv file. The developers of the website where I get the .csv file shared with me a link to a Dash DB with all data, so I could connect my Watson Analytics to it. I researched about how to do that connection, but I found out that when I access my account settings I can't find the option for connections.
As I said, I'm the administrator of the account, so I don't understand why I can't access connections. Is necessary to have a special account to get that option in settings?
Thank you in advance!
The Data Connections panel is no longer available in the Account Settings pages.
To quote the announcement,
The new Data Connection process utilizes an IBM tool called Data Refinery. Unlike the previously used tool, Data Refinery will not be embedded in Watson Analytics. This means that administrators will need to register their IBM id with IBM Data Refinery outside of Watson Analytics, then when ready, will use this tool to initiate the ‘Data Flow’ from the relational database in question to Watson Analytics via IBM Data Refinery.
Please visit the announcement link for more details.
We're trying to automate device creation using the Graph API.
What is our situation: We don't have intune. We use another 3rd party MDM solution and have a API there to extract information. We have Azure and we use conditional access to allow access to cloud ressources from managed and compliant devices only.
So far only Intune can report compliance status to Azure AD of a managed iOS device. So we were trying to automate ths process by creating devices in Azure AD using Graph API and stuck on the value to use for deviceID in the JSON (documentation).
The general UUID and UDID, what we can get from our MDM API are not working, so the device is not recognized because the deviceID read from the OneDrive App for example is not matching with UUID/UDID we extracted, during authentication in Azure as compliant/managed.
Can anyone help how to correctly generate/use the Create Device API in Graph to have the right deviceID so the device will be recognized correctly when accessing cloud resources?
We're trying to write an automated script (i.e. no user interactions) that pulls YouTube reporting data from API (esp. with Google Python API Client).
Currently, we have a Google user that is a Content Manager of a channel, and we can access its Creator Studio on YouTube.
So far, we have followed the official code sample, created a client secret file for the Google Account, and we're able to access the reports after approving the permissions in a browser popup. However, since we are going to port it to an automated script, this is not practical for us.
Is there a way such that we can have a "client secret file" that allows us to talk directly to Google API without the need for extra verifications?
(The OAuth playground looks promising, as we're able to generate Refresh Token and Access Token there; however, we're not sure about how to use them in the Python API Client...)
I'm new to the OAuth Authentication process so be gentle:
Goal: To create an embedded application on a device that will integrate with Google Drive, Dropbox, One Drive, Box to retrieve & store documents. This can be easily accomplished with OAuth2 authenticaiton.
Problem: The devices have limited input capabilities (and no browser) that prohibit users from being directly redirected, for them to input username/pass on the device.
Research: I've noticed looking through the documentation for these APIs that Google provides something called OAuth2 For Devices which allows the device to request a "User Code" when they first attempt to use the application on the device. The user can then go to a computer, navigate to a specific URL, and input that code to authorize the device to access their account. This circumvents to need for user input, or a browser at all, on the physical device.
Question: Do Dropbox, Box, OneDrive, or any others allow for this type of functionality, or anything comparable? As far as I can tell Google is the only one supporting this type of workflow.
Recently i've researched the same question and i've found out that while Google Drive Api supports OAuth2 flow for limited devices, it supports a very limited set of scopes. It means that Drive api for limited devices can offer only application data synchronization (files uploaded by app), because it won't find any files created by the user (outside of application, i.e. from web) even in a dedicated application folder. (assuming that user understands that application owns that folder and everything placed there ideally should be accessible by that)
By 2022, i've found the most promising api is from Koofr which doesn't have such limitation for devices and bundles multiple cloud services into one package.
Their documentation doesn't mention support for limited devices, yet it's fully working and can be found in their online HTTP api test suite.