# Privacy and Security Considerations

## Security Considerations

The following security items must be considered when integrating with the IAR Visual App:

### Patient Context Change

When a new patient is put in context in the Client Application, a relaunch of the IAR Visual App will take place. At this point, any existing user and patient related data (from the previous patient and user context) is removed from the IAR Visual App. This includes removal of the OAuth access and refresh tokens.

### Closing the Browser Window

When the browser window hosting the IAR Visual App is closed, all of the existing access tokens will be removed and invalidated. The same access token will be able to be reused in a different context.

### Token Expiration Time

#### Authentication and Authorization JWT expiry

The [Authentication and Authorization JWT][2] contains the `exp` data field (corresponding to the expiration date/time). As a best practice, this has to be set up with a very short time period so that the token cannot be used for an extended period of time. In addition, the Client Application and IAR servers should have their system clocks synchronized for correct handling of this field.

#### Access Token expiry

The OAuth access token that is used by the IAR Visual App to retrieve data from IAR also contains an `exp` field. It is set up for a longer period of time, allowing the end user to keep interacting with the IAR Visual App. If the user still communicates with the IAR Visual App after the access token has expired, the appropriate message will be returned. The user must be able to re-launch the IAR Visual App with new JWT tokens.

#### Cross-Origin Resource Sharing (CORS)

The IAR Data API supports [Cross-Origin Resource Sharing][1] (CORS). The domain name of the Client Application should be configured in IAR to allow the cross-origin HTTP requests coming from the Client Application.
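
The `exp` handling described under Token Expiration Time above, sketched as an added example (not code from the IAR project): a short-lived JWT is issued and then checked with a small clock-skew allowance, which shows how unsynchronized clocks lead to refusals. HS256 signing, the `iat` claim, the 60-second lifetime, the 5-second leeway and the `issue`/`check` names are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import json

# Assumed values, not taken from the IAR specification: a 60-second token
# lifetime and a 5-second allowance for clock drift between the two servers.
LIFETIME_S = 60
LEEWAY_S = 5

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(key: bytes, signing_input: str) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def issue(claims: dict, key: bytes, now: int) -> str:
    """Issuing side: sign the claims with a short-lived `exp`."""
    body = dict(claims, iat=now, exp=now + LIFETIME_S)
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps(body).encode())
    return f"{head}.{payload}.{_b64(_sign(key, f'{head}.{payload}'))}"

def check(token: str, key: bytes, now: int) -> str:
    """Receiving side: return 'ok' or the reason the token is refused."""
    try:
        head, payload, sig = token.split(".")
        if not hmac.compare_digest(_sign(key, f"{head}.{payload}"), _unb64(sig)):
            return "bad signature"
        if json.loads(_unb64(head)).get("alg") != "HS256":
            return "unexpected alg"
        claims = json.loads(_unb64(payload))
        exp, iat = claims.get("exp"), claims.get("iat")
    except (ValueError, TypeError, AttributeError):
        return "malformed"
    if not isinstance(exp, int) or not isinstance(iat, int):
        return "missing exp/iat"
    if exp - iat > LIFETIME_S:        # refuse tokens minted with a long validity
        return "lifetime too long"
    if now > exp + LEEWAY_S:          # expired, even allowing for drift
        return "expired"
    if iat > now + LEEWAY_S:          # issuer clock is ahead of ours
        return "issued in the future (clock skew)"
    return "ok"
```

With these assumed values, a receiver whose clock runs 90 seconds behind the issuer refuses a freshly issued token, and one running more than 65 seconds ahead sees it as already expired.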

## Privacy Considerations

### Consent

IAR Visual App will adhere to the same IAR consent model as the clinical portal.

- *IAR level* consent (blocks access to all of client/patient assessments in IAR)
- *PI Level* consent (access to both client/patient demographic data and all of their assessment data in IAR is restricted from view by all users).
- *HSP Level* consent (Person does not have any assessments within the last two (2) years, or all assessments within the last two (2) years have HSP level consent block).

### Auditing

End user access to IAR data via the Visual App will be audited. The following client application user attributes are captured:

- HSP’s Client application’s user’s name
- First Name
- Last Name
- E-mail address
- Organization Identifier (capable of matching IAR Org ID)
- Organization Name
- Timestamp when the end user is denied access by the authorization server
- Source system (Visual Application or Direct Access)
- User Activities (E.g. Search/view Assessment data) / Audit Events

[1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
[2]: AuthenticationandAuthorizationTokens
[3]: https://simplifier.net/guide/IARVisualAppViewlet/AuthenticationandAuthorizationTokens