by SERSI-S 27 days ago
Doctors must scan or request the patient’s sharing key (RSA) after the patient has given consent and verify that the treating doctor is indeed a licensed professional. This ensures that sensitive data can only be accessed after the patient approves the doctor’s request.

Regarding HIPAA, I haven’t considered it yet, but you can take your EMR with you anytime, anywhere, as it is protected by three keys: one for your IFPS, one for your personal data, and one for your medical data. An attacker would have no choice but to guess the key for each encryption: two RSA and one AES. When you go to London for treatment, you only need to use your RSA key—that is, share that key with the doctor and then approve the doctor’s access to your medical history. No administrative procedures are needed; for example, if you’re treated in London, you don’t have to pay anything the hospital asks for just to access your data. That doesn’t sound logical, does it?