User Management
DHIS2 allows you to control access privileges per user and by role, to set expiration dates for user accounts and automatically disable inactive users to help prevent unauthorized system access.
DHIS2 takes security seriously. We are continuously improving our software architecture, features and processes to minimize the risk to users and their data
The fact that DHIS2 is commonly used to capture and analyze health information means that issues of data security and privacy are of paramount importance. The data collected within DHIS2 need to be available to those who have the need and appropriate authority to access it — such as healthcare providers or program managers within a given health system — and secured against unauthorized access by others. In addition to striving to make the software itself as secure as possible, DHIS2 offers a selection of customizable security and privacy features, including user management, encryption, and more.
On this page, you can find an overview of the principles of the DHIS2 security team, how security is approached within DHIS2 software architecture, a list of features related to security and privacy that can be implemented in individual DHIS2 instances, links to relevant guidance on security best practices, and information on vulnerability reporting and disclosure.
The DHIS2 security team champions the following principles:
If you have questions about DHIS2 security issues, you can contact the security team at: security@dhis2.org
Below, you can read a short overview of select security and privacy features in the core DHIS2 software and Android Capture Application, and a link to our collection of feature spotlight videos on security features.
Security and privacy features in the core DHIS2 software platform include:
DHIS2 allows you to control access privileges per user and by role, to set expiration dates for user accounts and automatically disable inactive users to help prevent unauthorized system access.
DHIS2 supports granular sharing of individual metadata objects and their associated data. Read and write permissions can be explicitly granted to only certain users and user groups to restrict access to sensitive information.
DHIS2 logs sensitive operations performed by users to an audit log in the database.
DHIS2 users can be granted explicit access levels to determine exactly which organisation units in the hierarchy that user should be allowed to access for data capture and search
DHIS2 can be configured to allow users with limited data capture access to “break the glass” and search for Tracked Entities outside their capture scope. Breaking the glass requires the user to enter a reason for the operation, which is then logged by the audit service.
DHIS2 source code is continuously analyzed for security vulnerabilities on the OWASP Top 10 list thanks to a variety of automated tools, to ensure most common bugs are addressed early in the development process.
The DHIS2 Android Capture App includes all core software security features listed above. Additional DHIS2 Android security and privacy features include:
Android devices may contain sensitive data they have collected or downloaded from the DHIS2 server. Using the Android Settings App, a system administrator can force all DHIS2 Android applications to use local database encryption, ensuring that the data is inaccessible to unauthorized users even if they gain access to the physical device.
Both the Android SDK and the App follow OWASP recommendations for ensuring privacy and security features in mobile development (see our OWASP score). Some practical implications for DHIS2 Android implementers and users are the blocking of screenshots and screen sharing when using the app, and the prevention of DHIS2 Android App installation in rooted devices.
You can watch a selection of Feature Spotlight Videos on security features on the DHIS2 YouTube channel.
Security is much more than just software — people are just as important to ensuring a secure DHIS2 implementation. As a starting point for best-practice system implementation and administration, DHIS2 recommends that implementers hire a security manager, establish a security plan, and update your DHIS2 software regularly and responsibly.
Have a dedicated security manager
Have a security plan
A plan is a living document — keep refining the plan as you go!
Upgrade regularly and responsibly
DHIS2 officially supports the latest three major released versions — see the Downloads page. When a vulnerability in the DHIS2 software is discovered and fixed, a security patch release will be published for each supported major version. Versions which have reached End of Support are not guaranteed to receive security patches, so it is critical that older DHIS2 implementations upgrade to a recent, supported major version as soon as possible.
DHIS2 has a dedicated security team focused on maintaining the integrity of the DHIS2 software. If you discover what you believe to be a vulnerability in DHIS2 then we want to hear from you. Please visit our Vulnerability Reporting & Disclosure Policy page for information on how to contact the DHIS2 security team, what you can expect when you contact us, and what we expect from you.
The DHIS2 security team participates in responsible disclosure. When vulnerabilities are discovered in released, supported versions of DHIS2, the team makes every effort to evaluate, address, and release fixes in a timely manner. Due to the sensitive nature of many DHIS2 implementations around the world, information relating to these vulnerabilities may be embargoed for some period of time. Eventually, the DHIS2 team endeavors to disclose any known vulnerabilities in older software versions once they have been fixed and sufficient time has passed to allow production DHIS2 implementations to upgrade their software.
The DHIS2 Security team greatly appreciates the help of independent security researchers in identifying and responsibly disclosing security vulnerabilities. We recognize their contributions in the DHIS2 Security Hall of Fame.
You can stay informed about the latest security updates from the DHIS2 security team on the DHIS2 Community of Practice (CoP) by subscribing to posts tagged with “dhis2-security.” You can also subscribe to the DHIS2 newsletter, which includes a summary of recent security updates.