Standalone app technical documentation

contents system requirements browsers hardware requirements internet connection citrix account security add users password protection two factor authentication (2fa) data flow recording phase note generation phase infrastructure, security and privacy infrastructure ip whitelisting url whitelisting security and privacy system requirements browsers web browser compatibility chrome fully compatible safari fully compatible microsoft edge fully compatible firefox not compatible microphone is often not allowed hardware requirements our application is completely cloud based data storage, backups, infrastructure management, updates and security therefore do not have to be realized locally the only hardware required locally is a microphone this must meet the following requirements wide frequency range (20 hz to 20 khz) snr (sensitivity and signal to noise ratio) of at least 60 db sampling rate 44 1 khz bit depth of at least 16 bits built in microphones in recent versions from apple, lenovo or hp usually meet these requirements some suggestions microphone frequency range snr sampling speed bit depth price fifine k678 20 hz to 20 khz 60 db 44,1 khz 16 bits €59 hyperx quadcast 20 hz to 20 khz 80 db 48 khz 16 bits €99 blue yeti 20 hz to 20 khz 100 db 48 khz 16 bits €110 samson g track pro 20 hz to 20 khz 80 db 48 khz 16 bits €120 philips smartmeeting pse0540 20 hz 20 khz 65 db 48 khz 16 bits €119 internet connection our web application works via both a wifi connection and a wired connection please observe the following requirements ; upload because the application records audio and temporarily uploads it to a server, a minimum upload speed of 1 2 mbps is required download for a responsive user experience during the transcription and summarization process, a download speed of 10 mbps or higher is ideal latency to reduce the processing time of the audio transmission process, the latency ideally remains below 100 ms (common with a stable broadband connection) autoscriber uses the common http and https ports (80/443 ) citrix in order for autoscriber to function smoothly within a citrix based infrastructure, certain configurations and system requirements must be observed below are the key considerations for the citrix administrator microphone redirection ensure that microphone redirection is configured in citrix studio so that users can access their local microphone within the citrix session web browser support check that the web browser you are using is compatible with autoscriber network requirements guarantee a stable one internet connection (minimum 2 mbps per user) to enable simultaneous audio recording and transcription without delay sound configurations verify that the virtual machine has the correct sound drivers and that the microphone settings are configured correctly via the citrix workspace app problem solving test the application extensively and check the logged files for problems with the audio input account security add users user accounts are created based on email addresses an email address can have only one user account under only one organization if a new user is added, they will receive an email to activate their account the activation link in the email must be used for this this activation link is valid for 48 hours user accounts are always doubly secured on the one hand with password protection, on the other hand with two factor authentication password protection a user must protect the account with a password that; contains at least 8 characters contains at least 1 symbol every 90 days a user must renew his password to maintain access to the application two factor authentication (2fa) in addition to password protection, all accounts are equipped with two factor authentication using an authenticator app or phone number, users can access their account a user can choose to enter the 2fa code always or once every 14 days autoscriber uses keycloak services to secure user accounts data flow below is a schematic representation of the data flows that are started when using autoscriber this flow includes several key stages first the audio is captured, then transcribed in real time, and then a medical note is generated from the transcription the workflow ensures secure processing of all data by using gdpr compliant cloud infrastructure below is a detailed explanation of each stage in the data flow first as a flowchart, then in text form recording phase start recording the process begins when the user starts a recording send audio stream the webapp opens a web socket connection and starts sending chunked audio (encoded as base64) to the api the api forwards this audio to the speechtotext service for transcription transcription the speechtotext service receives the audio pieces and converts them to text, after real time transcriptions are sent to the api the api returns these transcriptions to the webapp, making them accessible to the user in real time end of stream when the recording ends, the user sets the webapp, which then sends the end of the audio stream to the api the api sends the full, final transcript to the webapp and stores it in the database, ensuring data integrity and retrieval note generation phase requesting a medical note after receiving the full transcript, the webapp sends a request to the ai ​​module to generate a structured medical note based on the transcript generating and sending the medical note the ai ​​processes the transcript and creates a detailed medical note, which is sent back to the api the api then forwards the formatted note to the webapp for display to the user storing data the database securely stores the transcript, the generated medical note and any associated metadata unless the integrated version is used, the transcript and generated medical note is not saved by default infrastructure, security and privacy infrastructure the workflow is hosted on gdpr compliant azure eu and gcp europe infrastructure public data transmissions are encrypted, while private connections are used for inter service communications to improve security security and privacy customers trust autoscriber with their data so they can focus on the work that matters most in healthcare that's why we focus not only on creating automation but also on implementing robust security measures to keep our customers' data safe ip whitelisting to ensure that no emails sent by autoscriber are blocked by an anti spam engine, we recommend whitelisting the following ip addresses 149 72 123 24 149 72 154 232 159 183 224 105 193 177 232 188 176 67 80 118 url whitelisting url whitelisting is only required if your environment restricts outbound connections (for example, production environments with firewall rules) if that is the case the following urls need to be whitelisted io autoscriber com app autoscriber com embedded prod autoscriber com identity prod autoscriber com relevant regulations autoscriber is fully gdpr compliant, and our processes have been audited by our legal advisors in concrete terms this means we require our customers to request explicit permission from each patient to record and process their data all data is stored in data centers within the eu data is only stored for as long as necessary there is a data retention policy in place; we may delete data at any time at the request of individual customers in addition, we work according to the iso 27001 and nen 7510 standards that is why we apply a very strict it security policy we apply a policy of minimal access only employees who really need access to data are given it every employee (even interns) must be able to produce a certificate of good conduct (vog) and an identity card employees work exclusively on company managed laptops, via secure vpn connections and with privacy filters on their screens we have our applications tested at least once a year we regularly perform scans with a vulnerability scanner