What features can we expect to see in the MedEdQR application in the future? User Metadata.
We are now on the fifth item in the list of the potential feature updates that may find their way onto the MedEdQR platform development timeline. This one is a bit controversial for a number of reasons. Let’s take a look at it.
- Gamification / Goal setting
- Case metadata
- Template media type
- URL media type
- User metadata
- Competency / Entrustable Professional Activities
- Case Preview in Web-app
- Enhanced reporting
- Learner portal
MedEdQR needs very little information about users in order to provide virtual patient case deployment. The minimum required information includes the User Name, a unique User ID (which acts as the user’s password), and a Role (Student, Assistant or Faculty). There is one field, “Cohort” that is not required, but highly useful in sorting and managing groups of users.
In our discussions with numerous clients and potential clients, the issue of additional user metadata has come up. For instance, one potential customer had users distributed across a large geographical area, and wanted location information included. Another wanted more demographics. The requests varied significantly and thus became the first problem; what additions to include (if any).
The next problem has to do with security and privacy. All data in our database is encrypted and all communications between mobile devices and the web application are also encrypted. Recently, the European Union (EU) has put into place a new set of information privacy standards, called the GDPR (General Data Privacy Regulation), which went into effect on May 25th, 2018. Some of the elements of this standard include:
- The GDPR is a piece of EU legislation passed by the European Parliament in 2016.
- It is enforceable in all EU countries from May 25, 2018.
- There can be punishing fines for data misuse and breaches. Fines can reach £18 million or 4 percent of global annual turnover, whichever is higher.
- The GDPR aims to make it simpler for people to control how companies use their personal details.
- Strict rules mean companies will not be allowed to collect and use personal information without the person’s consent.
- Data includes things like a person’s name, email address and phone number, and also internet browsing habits collected by website cookies.
- Firms must also report any data breaches – including cyber attacks and accidental leaks – to authorities within 72 hours.
- Individuals can demand a copy of all data held about them, which must be supplied within 30 days.
- And in some cases, they can ask for any data to be deleted in a formal “right to be forgotten” law. Which leads to the question “What are the rights of the educational institution regarding the handling of personal data?
You’ve probably noticed a flurry of emails from websites that contain some of your personal data, stating that they are or in the process of conforming to this standard. Of course, these companies are the ones doing business in the EU, but I’ve also seen many US only companies stating that they will conform to this more rigorous standard. So the dilemma – how much information about an individual do we really need (that has already been answered), and how much additional information do we want to be responsible for? This questions remains unresolved.
If you’d like to give feedback on this topic or any other existing or proposed MedEdQR feature, click here.
Isn’t it time to give the MedEdQR platform a try? If it has been a while since you saw a demonstration, or if you have not experienced a demonstration yet, we would be happy to show you how this platform can enhance your educational program. Click here to request a demonstration.
John Morris, CEO