Personal tools

Protection Ephi

From OpenEMR Project Wiki

Jump to: navigation, search

Electronic Protected Health Information (EPHI).


Encryption when the data is at rest.

VISOLVE>> The data need to be secured when it is at "rest". This is to avoid the illegal access to the patient information when the hard disk is stolen or lost and the access is compromised. As per our current knowledge, this can be achieved using either a. Encrypted file system b. Database encryption (i guess that this would slower the performance) Based on my understanding, i believe that the above techniques should work across all platforms. Let me perform some more analysis on this and will keep you posted.


Fred Trotter: Would an encrypted operating system address this? That would probably be simplest.


Sam Bowen: Encryption of the disk file system would solved this nicely but may exceed the skills of the persons who are going to have to secure the database. This seems like this will be difficult to implement across all the platforms that OpenEMR runs on. The biggest hole being the Windows operating system. Can the Windows Operating system have encrypted data at rest?


VISOLVE>> Based on my understanding, i believe that the above techniques should work across all platforms. Let me perform some more analysis on this and will keep you posted.