Suggestion made by @nm_s

See the first version of the issue on Google Code here: https://code.google.com/p/freemedforms/issues/detail?id=366&q=password

Password-Based Key Derivation Function 2 is the gold standard to derive a key from a password (RFC 2898). Having a salt added to the password reduces the ability to use precomputed hashes (rainbow tables) for attacks.
Number of iterations can be adjusted over time to adapt to brute force capabilities.
Alternatives to PBKDF2 include bcrypt and scrypt.

"Qt Cryptographic Architecture (QCA) http://delta.affinix.com/qca/ aims to provide a straightforward and cross-platform crypto API, using Qt datatypes and conventions."

The git of the project is actively maintained and updated: http://quickgit.kde.org/?p=qca.git

QCA will give us access to TLS, CMS, X.509, RSA, DSA, Diffie-Hellman, PKCS#7, PKCS#12, SHA0, SHA1, SHA224, SHA256, SHA384, SHA512, MD2, MD4, MD5, RIPEMD160, Blowfish, DES, 3DES, AES128, AES192, AES256, CAST5, HMAC(SHA1, MD5, RIPEMD160), PBKDF1(MD2, SHA1), PBKDF2(SHA1) and OpenPGP through plugin providers (dependent on OpenSSL and GnuPG) that we could use in the future to

encrypt databases
encrypt connection to remote databases

Huge projects like https://github.com/bitcoin/bitcoin use OpenSSL PBKDF2 implementation.
https://github.com/bitcoin/bitcoin/blob/master/src/crypter.cpp
https://github.com/bitcoin/bitcoin/blob/master/src/crypter.h
Bitcoin source code is high quality & highly peer reviewed (264 contributors, many more watching), I suggest using it.

Let's use scrypt for client side KDF:
https://github.com/Tarsnap/scrypt/tree/master/lib/crypto
scrypt is already an IETF draft and should become an RFC soon: https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-04
It is used by several cryptocurrencies such as Litecoin as proof-of-work hashing mechanism.
We also need to use the scrypt derived key to feed MySQL password() function because this password() hashing function is actually:
SELECT SHA1(UNHEX(SHA1(“this_is_a_random_string”))) pass\G
which is not a very GPU proof PBKDF...
Of course, on top of this, we have to implement TLS between client and server, as Qt5.6 allows us to do.

See https://github.com/FreeMedForms/freemedforms/issues/124 for more info.

Tab widget can already be used through a ui file but translation of the tab names is not possible.
Let's add "Tab widget" to the list of available items for FreeHealth.

Unique episode form inside PMH like cardiac risk factors shouldn't print (1) in PMH synthesis next to their uuid because:

• clunky
• suggests that there is 1 cardiac risk factor even if there is 0 risk factor checked (or if all are checked)

We should also not print unnecessary data such as label (for unique episodes the label should be the uuid by defaut and not printed twice), created by, dates, etc.

Synthesis should only contain essential informations and renamed "summary" or something that sound English...

Status, type, if left undefined, shouldn't be printed at all instead of printing "Status: undefined".

"formDataMapper isDirty false, Form: Subs::Cardiology::RiskFactors"
"formDataMapper Clear"

1. Inside PMH, check cardiovascular risk factor items of patient A
2. save
3. change patient to B
4. come back to patient A
5. no item is checked

Was issue N°163 in FMF.

Patient form editor allows adding same form multiple times in the form tree of the same patient. This behavior doesn't appear useful and could lead to confusions as new episodes added in one place doesn't show up in the other until a patient switch occurs.

See https://freehealth.io/en/drafts/ehr/data for the big picture.

pmhcategorymodel.cpp

Remove inline style, replace it by id and class for each PMHx items.
Add internal style sheet in records that make use of PMHx (see clinical_letter in the forms-gp branch: https://github.com/FreeHealth/freehealth/blob/forms-gp/global_resources/forms/subforms/generic/clinical_letter/html/xx/clinical_letter_template.html )

While prescribing a drug, select duration range (from to): the second spinbox doesn't show up.
It is a regression from 0.9.4. Probably related to Qt4->Qt5.

Current situation with radio buttons, unique selection list and combo widgets

Forms offer radio buttons, unique selection list and combo widgets.
The possibilities offered are mutually exclusive: you can only check one radio button, you can only select one element in the list and you can chose only one element in the drop down list.

This behaviour is useful in many cases where there is only one correct choice or answer.

Problem

Unfortunately, users sometimes make mistakes (mouse slip, keyboard mishap, etc) or change their mind...

Possible solutions

It would be very convenient to have a way to deselect the selected item (list or combo) or button.

We could have a push button called "Deselect" near radio buttons implementing this hack: http://stackoverflow.com/questions/1731620/is-there-a-way-to-have-all-radion-buttons-be-unchecked

For QListWidget this might be a solution: http://www.qtcentre.org/threads/17610-QListWidget-Deselect

For combo setCurrentIndex(int -1) will work.
Other solution for QComboBox: How to set non-selectable default text on QComboBox?

Another possibility is to add a "null" / "empty" / "none" item to each widget but I think it will add work for the user and unnecessarily consume coding time and disk space.

Thanks.

(was issue n° 67 in FMF)

When a user modifies his user data in user manager, it can happen that his rights get modified so that the user is unable to load coreplugin during next application startup...
When this happens, an admin can login and check that the rights have been modified compared to the usual rights of the user.

This happened during my frequent testing sessions and it was reported by at least two different users.
For instance it happened after user sex gender modification (i was testing freemedforms.user.isFemale and freemedforms.user.isMale in form scripts).
It also happens after title modification.

In Prescription module, and in prescription form inside patient forms, printer icon appears greyed out and disabled, but it's not.

User shouldn't be able to click multiple times on the "add long term medications" push button, resulting in multiple occurrences of the same long term medications list.

PadTool (pad_item.cpp) tries to convert to type QString using toString() but type is StringList: we should use .join()

Validate action is not enabled for unique episode in formmanager plugin.

Should be replaced by "identifier" but "identifiants" tokens should be kept for backward compatibility...

Replace all hardcoded strings about contact information (email eg [email protected]) with CONST.

Users adapt widgets sizes inside splitters according to their taste. When they close the app, theses sizes are forgotten. Let's record theses preferences in the users database before the app closes down. Should we record one size for each patient?

One of our users has requested that the date of birth of the patient be visible in the main page, inside the patient bar, along with name, age, administrative gender and optional picture.
This request is in accordance with SAFER Patient identification Recommended Practice 3 worksheet which is based on HIPAA:

Information required to accurately identify the patient is clearly displayed on all computer screens, wristbands, and printout:

*Last name, first name, date of birth (with calculated age)
*Gender
*Medical record number
*In-patient location (or home address or ZIP code)
*Recent photograph (recommended)
*Responsible physician

Remove gender bias from EHR:

• Why is admin male? Admin gender should be "unknown"
• equal number of feminine / masculine gender default patients
• add Other and Unknown gender patients and users

Remove references to television series Star Trek: Enterprise, introduce universally recognizable historical characters related to healthcare.

You wouldn't believe how many people told me FreeMedForms probably started as a military software because of all the Captains we have there...

TODO: new icons for Other and Unknown gender.

Proposal:

• Bennet Omalu

new categories disappear after restart
items can't be added
fix it or disable it for next release
is it even useful?
should we fix it and add form management?
or rewrite the PMH plugin to separate form widgets and pmh widget inside the same view?
recreating a full formmanager plugin inside pmh plugin doesn't sound like a good idea...

If MySQL server is not installed, error message, app won't start:
Crashed Thread: 0

Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY

Termination Reason: DYLD, [0x1] Library missing

Application Specific Information:
dyld: launch, loading dependent libraries

Dyld Error Message:
Library not loaded: /usr/local/mysql/lib/libmysqlclient.18.dylib
Referenced from: /Applications/freehealth.app/Contents/MacOS/freehealth
Reason: image not found

Currently it is hard coded to 15 but it is a French practice:
identitywidgetfactory.cpp:209
USA it is 18 (sometimes 21).
We should make this a setting in preferences and default to 18.

(was fmf issue n° 155)

pmhtokens.cpp

code

case PlainTextOutput:

Use QTextDocument? (setHtml, toPlainText)

One of our GP user requested growth charts to follow her pediatric patients. Let's code it for v0.9.10!

During hot language change, placeholders inside shorttext do not get translated.
After restart, of course, they are translated.
For users it is not a real problem, for devs of forms, it is a waist of time.
(was FMF issue N°159)

Works in version 2, fix version 1 before 0.9.9 release.

Considering an episode, isValid can be related to:

• episode visibility (has been "removed" from view aka made invalid)
• episode "validation" a validated episode cannot be edited
• index of an episode .isValid Qt member function

I suggest:

• isRemoved for visibility/removal (let's not use isVisible Qt member name)
• seal(ed), lock(ed), freez(ed) or ziplocked (episode inside a transparent bag you can see through but not temper with) for validated episodes

HideHeaderOnUniqueEpisode contains the chain "unique" so it will make the form unique, by itself.
Not really a bug but good to know to avoid confusion during testing...

New item proposal

• based on lineedit widget
• given a list of text items

1. user types characters in lineedit widget
2. choices from the list containing those characters appear
3. user select (arrow or mouse) his choice
4. Done

Option: if text is not in the list, item uses the entered text.

Could be combined with combobox: first, user uses combobox to learn about available items, as he gets used to the available items, typing the first few letters will be much quicker than selecting among a long list of items in a combobox.

An open source implementation might already exists.
Checking "editable" for combobox in Designer allow for something close to what we are looking for.
Limitations: characters should be typed in the right order starting from first one (ie "logy" won't find "oncology", but "onc" will.
Free text is not recorded.
(Was FMF issue N°161)

We now have the possibility to have 0, 1 or more episodes in PMHx forms, but the number of episodes is not updated in the tree view until we change the current the patient or restart.

When deleting a user, EHR purges user data: class UserBase, member purgeUser:

• user row from table USERS
• user rows from table RIGHTS
• delete user rows from table DATA
• user rows from table LK_USERS

It is probably not a good idea to do this. We need to think about the real life use case. If users credentials need to be revoked (departure from healthcare facility) we could do it differently: changing the password and not giving it to the user, adding a mechanism preventing access to this user without deleting ant information.
For epidemiological, legal and EHR interal reasons, deleting data doesn't seem to be the right way to do it.

Since Qt 5.6 TLS encryption is fully functional. MySQL 5.5 (version currently supported by FeeHealth) supports TLS. https://dev.mysql.com/doc/refman/5.5/en/secure-connections.html But it is not enabled by default at startup.
These steps should be taken to make FreeHealth more secure:

• support TLS connection to MySQL server 5.5: systematically try to connect through TLS and fall back to unsecure connection if TLS is not available on the server side
• support MySQL 5.7: this version has TLS enabled by default

FreeMedForms decided to use forms inside PMHx. This was a good idea but it resulted in oversimplified forms without episodes and episode toolbar. Unique episodes were created automatically without user input (see issue #18 ).
Separating [form treeview] and [episodes table view + formdatamapper] would avoid having boilerplate code inside pmhmode.cpp

Edit general header of user A, have a look at the general header of another user B (with copy/paste in mind), go back to user A general header and watch in horror as you realize that your editing work is gone.

We should at least back up those views in memory before asking the user if she wants to save changes.

We'd like to inform GitHub users interested in FreeMedForms that a fork called FreeHealth has been launched in August 2016.

• https://freehealth.io
• Why FreeHealth?
• Objectives of FreeHealth EHR
• GitHub repository
• Online doxygen documentation
• Travis Continuous Integration

1. create form with absent file on ui file path set in central.xml

2. try adding this new form in the form tree

3. segfault

   "XmlReader ** ERROR(xmlformcontentreader.cpp:763) ** Content not in base???\n subForms/generic/clinical_letter; mode:central;filename:.\n /scripts/xx/medical_letter.js"
   ASSERT: "false" in file xmlformcontentreader.cpp, line 764
   The program has unexpectedly finished.

App should not segfault but warn about the problem.

Check this.
Updates should be taken care of before checking the database structure.

Probably related to quazip.
Quazip needs updating to 0.7.2.
Initial tests show that quazip builds and works perfectly well on macOS El Capitan with zlib version 1.2.5.

Workaround for 0.9.9 (patch to macOS build): use macOS unzip command line tool

In file included from widgets/htmldelegate.cpp:51:
In file included from widgets/htmldelegate.h:31:
In file included from /Users/elkcloner/Qt5.6.0/5.6/clang_64/lib/QtWidgets.framework/Headers/QStyledItemDelegate:1:
In file included from /Users/elkcloner/Qt5.6.0/5.6/clang_64/lib/QtWidgets.framework/Headers/qstyleditemdelegate.h:37:
In file included from /Users/elkcloner/Qt5.6.0/5.6/clang_64/lib/QtWidgets.framework/Headers/qabstractitemdelegate.h:38:
In file included from /Users/elkcloner/Qt5.6.0/5.6/clang_64/lib/QtWidgets.framework/Headers/qstyleoption.h:37:
In file included from /Users/elkcloner/Qt5.6.0/5.6/clang_64/lib/QtCore.framework/Headers/qvariant.h:41:
/Users/elkcloner/Qt5.6.0/5.6/clang_64/lib/QtCore.framework/Headers/qmap.h:642:27: warning: returning address of local temporary object
[-Wreturn-stack-address]
return n ? n->value : adefaultValue;
^~~~~~~~~~~~~
widgets/htmldelegate.cpp:107:30: note: in instantiation of member function 'QMap<QPersistentModelIndex, QTextDocument *>::value' requested
here
doc = _documents.value(index);
^
/Users/elkcloner/Qt5.6.0/5.6/clang_64/lib/QtCore.framework/Headers/qmap.h:382:44: note: binding reference variable 'adefaultValue' here
const T value(const Key &key, const T &defaultValue = T()) const;
^ ~~~

Reproduce:

1. Add allergy to patient A
2. toggle drug precautions -> allergy show up
3. go to patient list
4. change current patient to patient B
5. drug precautions of patient A still show up

Toggling drug precautions doesn't improve the situation

Patient.Age.DateOfBirth returns something like "Sun Apr 01 1928 01:00:00 GMT+0300 (EEST)" which is quite difficult to work with and convert to other locales.
Let's use ISO Date Time format for:

• Patient.Age.DateOfBirth
• User.Age.DateOfBirth
• Patient.Age.DateOfDeath

In addition DToB (Date Time of Birth) should be recorded in UTC...

A unique episode should be created by the user. It shouldn't be created by default (by the app).
It will prevent having an empty, dangling, unique episode for PMH record (eg cardiologic risk factor) if the user is not interested in this record.
The exception to this rule will be the mandatory identity unique episode.

print preview is extremely small
temporary fix: adapt QLabel height to parent window heigh (90%), then set width to respect A4 ration -> done in FHio099

TODO:

• rewrite all printerplugin to use Qt's printdialog (long fix)
  or
• subclass QLabel so that it respects initial ratio: http://stackoverflow.com/questions/5653114/display-image-in-qt-to-fit-label-size (quick fix)
  (Was FMF_issue_171)

(was FMF_issue_169)