Go to the main page

Security

DHIS2 includes industry standard security and privacy features. On this page you can learn more about the customizable features that are available in the core DHIS2 software and DHIS2 Android application.

Jump to a section on this page

    DHIS2 security and privacy features

    The fact that DHIS2 is commonly used to capture and analyze health information means that issues of data security and privacy are of paramount importance. The data collected within DHIS2 need to be available to those who have the need and appropriate authority to access it — such as healthcare providers or program managers within a given health system — and secured against unauthorized access by others. In addition to striving to make the software itself as secure as possible, DHIS2 offers a selection of customizable security and privacy features, including user management, encryption, and more. Below, you can read a short overview of select security and privacy features in the core DHIS2 software and Android Capture Application, and a link to our collection of feature spotlight videos on security features.

    Access Control

    DHIS2 allows you to control access privileges per user and by role, to set expiration dates for user accounts and automatically disable inactive users to help prevent unauthorized system access.

    Multi-Factor Authentication

    DHIS2 supports multi-factor authentication using an authenticator app as a second factor.

    External Authentication Support

    DHIS2 supports LDAP-compatible directory servers (Active Directory, OpenLDAP, etc.) for user authentication.

    Single Sign-On

    DHIS2 supports single sign-on using OpenID Connect (OIDC).

    Sharing Settings

    DHIS2 supports granular sharing of individual metadata objects and their associated data. Read and write permissions can be explicitly granted to only certain users and user groups to restrict access to sensitive information.

    Audit Log

    DHIS2 logs sensitive operations performed by users to an audit log in the filestore or database.

    Program Access Levels

    DHIS2 users can be granted explicit access levels to determine exactly which organisation units in the hierarchy that user should be allowed to access for data capture and search

    Breaking the Glass

    DHIS2 can be configured to allow users with limited data capture access to “break the glass” and search for Tracked Entities outside their capture scope. Breaking the glass requires the user to enter a reason for the operation, which is then logged by the audit service.

    Impersonation

    DHIS2 supports an operational mode when privileged users can impersonate other users and perform certain actions on their behalf.

    Encryption (Android)

    Android devices may contain sensitive data they have collected or downloaded from the DHIS2 server. Using the Android Settings App, a system administrator can force all DHIS2 Android applications to use local database encryption, ensuring that the data is inaccessible to unauthorized users even if they gain access to the physical device.

    Security Feature Videos

    You can watch a selection of Feature Spotlight Videos on security features on the DHIS2 YouTube channel.

    Guidance and community support for implementing secure DHIS2 systems

    For guidelines and best practices on implementing secure DHIS2 systems, please see the DHIS2 documentation.

    You can also stay informed about the latest security updates from the DHIS2 security team on the DHIS2 Community of Practice (CoP) by subscribing to posts tagged with “dhis2-security.”