Hello community, I am designing a personal health record (PHR) android application for mUzima that will tether with OpenMRS and fetch patient historical data and also allow patients to post patient entered data. Our challenge is how do we approach authentication for both patients with and without existing OpenMRS patient records? . One approach is to make patients OpenMRS users. So I would like to get your perspective on the challenges posed with this approach in terms of security, privacy etc and even if it’s feasible in the first place.
Though this page is a bit old, it has some useful design insights that you could evaluate. Have you looked at it? https://wiki.openmrs.org/display/docs/PHR+Module