How do you integrate secure QR code with LIS in healthcare - making minimal or no changes ?

  • Rajesh Soundararajan
  • Mar 30, 2021
  • 6 min read
How do you integrate secure QR code with LIS in healthcare - making minimal or no changes ?

A secure physical-digital lab report is no more a pipedream - Files API is the solution

One of the most common problems our customers have solved for their Laboratory Information Systems (LIS) in healthcare is adding document security by integrating with Qryptal with no changes to the LIS systems and minimal changes to the overall document flow. Such methods speed up the implementation process to go live and are especially useful for systems that prefer not to make outgoing API calls from the LIS or legacy systems that are unable to do so. We have come up with a novel solution that addresses this need - Files API.

Many lab reports and certificates produced by medical test Laboratories are used by non-doctors and for non-diagnostic purposes. Over the last few years, diagnostic laboratories have seen the use of these certificates for insurance, education, employment offers etc. As such, there is a need to verify the authenticity of these reports to ensure their trustworthiness. There have been reports of tampering of lab reports - COVID-19 has amplified the pain and accelerated the requirement. Today, these certificates need to be accessed by myriad people who could be immigration officials or ushers in stadiums for events, at the airport check-in counters or local municipality or police officials. It could be required by schools or offices to facilitate entry. The need for integrated document security for such reports has never been as much felt before.

Qryptal does offer an API based solution to add a secure QR code to lab reports either as a cloud-based offering or an on-premise solution. However, as we have learnt in our experience, this may not be the best option for some legacy LIS systems. They need an adapted solution which can integrate with their existing systems. That is where Files API comes in.

For established labs using an existing LIS - the current requirements (making the reports verifiable on-demand everywhere) seem onerous to comply with. Any changes to a live LIS system, if at all possible, will require a lot of time for testing and verification - in some cases, it may require a significant system update. Often, the existing LIS systems are tested, proven, and reliable, and any change in the code for logic flows update. - would mean additional testing and -while also increasing costs.

An example of such enhanced current requirements would be COVID-19 vaccination certificates or COVID-19 test reports that have become essential documents to facilitate travel, manage healthcare systems and allow employees to return to work or for children to go back to school.

The need for physical-digital formats

Test reports and certificates in the past were based purely on physical formats like paper. That had little or no possibility for global authentication. Even measures like holograms and stamps could be forged, and hence, it was close to impossible to verify with full assurance.

The alternative technology was to move to pure digital formats like an electronic document/PDF with digital signature or even based on hyperledger/blockchain. In these cases, there were other issues such as many verifiers being in air-gapped areas where it was difficult to verify without network connectivity and some users being technology-unsavvy or low on digital ability, leading to low adoption and practicality.

Physical-digital formats combine the best of both the world. They would have the unique ability where the document is generated digitally with an authentication mechanism like a secure QR code that can be generated and embedded in the document itself. The same digital document can now be printed into the physical format, where the embedded tamper-proof security is directly transferred into the physical document .

Thus the physical copy, the digital copy or even the scanned image of the physical copy on a mobile phone, for example, can be verified for its authenticity digitally. Qryptal provides an elegant solution for such labs looking for a solution that could integrate with the existing mechanisms and deliver secure and verifiable physical-digital reports and certificates with speed, simplicity, and affordability.

Files API Integration – simple and effective

Many laboratory systems are not designed to make outgoing API calls (RestAPI) to systems such as Qryptal to obtain a digitally signed QR to be placed on the test report.

  1. Files API is a simple and effective way to tackle this problem.

  2. Files API integration helps extract the relevant data to be secured in a digitally signed QR and place the QR on the lab report.

  3. Modern secure report solution like Qryptal provides a Files API that allows for integration with LIS systems using the file system to secure the laboratory test reports (in PCL/PDF formats) produced by such methods.

  4. The process flow diagram below illustrates the solution.

Files API integration workflow

Files API Integration workflow

The benefits of the File API solution are manifold

  • Offline validation: Anyone will be able to validate your certificates offline. Such a solution provides for trouble-free high volume decentralised validation in all kinds of locations: air-gapped immigration/border controls, airline check-in counters and any venue wanting to ensure safety for all. This takes the load off your server infrastructure.

  • Automated validation: Such systems support both API based and PKI based automated offline validation enabling easy integration in workflows like online check-ins.

  • Physical-Digital: Your certificates may be electronic or paper-based and maintain the same security level in both configurations. This allows people of all digital abilities to use and benefit from the systems.

  • Privacy: Decentralized validation based on open standards enables true privacy for all stakeholders: certificate holder, issuer, and verifier.

  • Public validation: Empowering the public to be able to easily validate these certificates can be an essential enabler to ensure safe opening at scale.

  • Streamlined Architecture: This solution is triggered as a microservice to enable quick and easy deployment at scale.

  • Integration with existing document production systems: File API integrates seamlessly with existing document production systems and workflows to make a minimal change required for adoption.

Proof: One of the largest laboratory chains in South East Asia uses this

One of the largest laboratory chains in South East Asia uses this solution for secure Covid test reports to make them easily verifiable by authorities. Trustworthy credentials help its customers travel for work and fun across Asia. The novel physical-digital PKI based approach enables validation in air-gapped environments (no internet) when presented electronically via smartphones, printed, or uploaded for automated verification during online check-in.

Sample Lab report with secure QR code

Sample Lab Report with Secure QR Code

Reach out to us and we will be happy to share how Qryptal can help in securing your lab reports and making them easily verifiable on demand.


You may also like to read -