The public site focuses on presentation and support, not private business data
The website shows product overview, downloads, FAQ, contact support and compliance guidance, but not real patient, doctor, hospital or treatment-record data.
Compliance Boundary
The public website focuses on presentation, download and support guidance only.
This page explains public display scope, privacy boundaries, handling principles and release rules so external communication stays clear and consistent.
Boundary Rules
Public Compliance
边界块
3
用公开表达说明官网能展示什么、不能展示什么,以及服务边界。
规则
3
把资料发布、信息范围与对外表达方式拆成显性的规则说明。
Core Boundaries
Define the boundary before the capability. That order matters most for a medical-related public website.
用清晰的模块说明公开站展示什么、不展示什么,以及用户在公开站能完成哪些操作。
Show
Open
产品、下载、FAQ 和联系支持属于公开展示范围。
Hide
Private
患者、医生、医院等敏感信息不会在官网公开。
Rule
Clear
通过结构化边界卡让官网表达更像规则体系,而不是提醒文字。
Business data stays inside authorized terminals and controlled interfaces
Measurement, record synchronization, clinical-data access and account handling are completed through Android business terminals and Django business APIs, not the public website.
The download chain stays verifiable, traceable and auditable
Application-package management and download logs keep public release display, package verification and support follow-up aligned.
Transmission & Verification
A public delivery chain must be downloadable, verifiable, auditable and explainable.
官网与专属服务入口各自承担不同职责,公开页面仅呈现经过整理后的对外信息。
合规页的重点不是解释业务功能,而是明确公开边界和数据处理原则。
后续可继续补充流程图、信息边界图或合规模块示意图。
Public Data Boundary
用统一视觉容器表达公开内容、记录留存与敏感信息之间的清晰边界。
Public downloads and support content should prioritize HTTPS
Download pages, guidance pages and contact content should use secure transport to reduce leakage and tampering risk.
Download pages must expose key verification details
Version, release date, file size, MD5, SHA256 and system requirements should appear together for field verification.
Stop installation immediately when checksums do not match
If downloaded files do not match the public verification values, installation should stop and the official file should be fetched again.
Responsibility Matrix
Use a responsibility matrix to completely separate the public website from the internal business system.
| 信息项 | 官网公开站 | 专属服务入口 |
|---|---|---|
| Public responsibility | Product overview, workflow, APK download, FAQ, compliance and changelog | Does not take over business login, patient management, doctor management or record query |
| Displayed data scope | Only non-sensitive explanatory content, abstract workflows, public releases and installation information | Processes protected data such as patients, doctors, hospitals and treatment records |
| Authentication | All pages are anonymous by default with no login or registration entry | Uses controlled accounts to access business capability and data interfaces |
| Download & audit | Django download APIs continue to record logs and download counts | Still handles admin review, package approval and version publishing workflows |