DATA ENCRYPTION
-
- Posts: 65
- Joined: Fri Mar 25, 2011 3:00 pm
DATA ENCRYPTION
If so, how is it encrypted? Is there a particular algorithm used and what is the key length?
This is for a risk analysis.
- Gavin Walker
- Posts: 4626
- Joined: Wed Apr 04, 2007 10:11 pm
- Location: Springfield, MO
- Contact:
Re: DATA ENCRYPTION
What I do on my newer Internet hosted Medisoft Servers is I have the entire hard drive encrypted with Windows Bitlocker which IS FIPS compliant and then I encrypt certain key tables using Advantage's RC4. This will prevent a "casual" Windows user from browsing the Medisoft files and figuring out Medisoft passwords and patient names, etc.
Something else to keep in mind, if you are doing electronic billing, then claim files and reports containing patient information will be stored on the disk which are not part of the database and are not encrypted. Also, users can run reports and export them to disk, which is not secure. Various temp files and log files can be generated and stored all over the disk and can sometimes contain patient information. So Medisoft itself is NOT considered a "secure" application.
Walker Tek Solutions, LLC
417-890-6777 x0
fax: 417-763-6386
-
- Posts: 65
- Joined: Fri Mar 25, 2011 3:00 pm
Re: DATA ENCRYPTION
Does Windows BitLocker secure the Medisoft data even if it resides on a separate volume/physical drive than the OS? If so, is it possible to have separate encryption keys for each volume?
Thank you.
- Gavin Walker
- Posts: 4626
- Joined: Wed Apr 04, 2007 10:11 pm
- Location: Springfield, MO
- Contact:
Re: DATA ENCRYPTION
server
- Gavin Walker
- Posts: 4626
- Joined: Wed Apr 04, 2007 10:11 pm
- Location: Springfield, MO
- Contact:
Re: DATA ENCRYPTION
server