|
Posts: 2,084
Joined: November 2006
|
|
#57003
09/23/2013 12:11 PM
|
Joined: Oct 2011
Posts: 207
Member
|
OP
Member
Joined: Oct 2011
Posts: 207 |
I am looking for help in encryption. The HIPAA omnibus rule has significantly increased the security requirements - I am specifically looking for advice on encryption for full disk encryption and securing traffic from my PM to the clearing house and wireless transmission.
was planning on use of Diskcriptor for all mobile devices and desktops but am confused about securing wireless and data transmission . I would really welcome help from any of the tech gurus about any user friendly open source software .
Looked at PGP but not sure if it would meet requirements
looked at all FIST guidelines but they dont recommend any specific software
also I was wondering if LMI Hamachi VPN would be secure enough for remote access
thanks
Bala
|
|
|
|
|
Joined: Nov 2005
Posts: 2,363 Likes: 2
Member
|
|
Member
Joined: Nov 2005
Posts: 2,363 Likes: 2 |
True Crypt is one way to encrypt the entire drive. Did I mention its Free!!!!
Bit Locker in Windows 8 Pro and above or Windows 7 Ultimate and Enterprise are another way of getting full disk encryption.
Now, as to securing traffic from PM to the clearing house, as well as with wireless transmission. That I will leave to others to answer.
Hamachi uses AES 256-bit encryption, which should meet HIPAA (128 bit) guidelines, as does LogMeIn, both Free and Pro
Wendell
Pediatrician in Chicago
The patient's expectation is that you have all the answers, sometimes they just don't like the answer you have for them
|
|
|
|
|
Joined: Dec 2009
Posts: 1,197 Likes: 8
Member
|
|
Member
Joined: Dec 2009
Posts: 1,197 Likes: 8 |
As for securing files from the PM to the clearinghouse, most likely the clearinghouse is having you use their Secure FTP site, so you are all set there.
For wireless, your wireless router should include the option to use WPA2 so you are all set there.
JamesNT
|
|
|
|
|
Joined: Oct 2011
Posts: 207
Member
|
|
OP
Member
Joined: Oct 2011
Posts: 207 |
thanks Wendell and James for the suggestions .
I will check with my clearing house about their secure FTP site .
I am using WPA2 for wireless .
I have tried Trucrypt and used it but was told that it may interfere with networking by AC tech support. I thought diskcriptor which is also free was better for whole disk encryption as it was designed for windows.I felt bitlocker would be more difficult for me as I did not have TPM on my computers.
glad to know that LMI is ok as that is what I am using now
any thoughts on Pretty good Privacy ( PGP) would be welcome
thanks again
|
|
|
|
|
Joined: Nov 2012
Posts: 25
Member
|
|
Member
Joined: Nov 2012
Posts: 25 |
You may consider hardware encrypton. HP has hdd that have that feature.
TIA,
Dr. James Webb
Solo Practice FP
KC, MO
|
|
|
|
|
Joined: Jun 2009
Posts: 1,811
Member
|
|
Member
Joined: Jun 2009
Posts: 1,811 |
There are several commercial whole-disk encryption programs that operate at a very low level and do not interfere with application operation.
One significant benefit is that if the machine is powered down, you cannot access the disk without the password. They can be stolen or lost, but they cannot be breached.
I am purposely not bringing up the NSA again since one of our regulars is still in Moscow.
|
|
|
|
|
Joined: Feb 2011
Posts: 679 Likes: 1
Member
|
|
Member
Joined: Feb 2011
Posts: 679 Likes: 1 |
Indy,
Could you share the names of the programs that you reference above?
Donna
|
|
|
|
|
Joined: Oct 2011
Posts: 207
Member
|
|
OP
Member
Joined: Oct 2011
Posts: 207 |
Indy,
I too would like to know which commercial programs you recommend .
my biggest fear is that my networking will be affected or if the encryption program malfunctions for any reason , even if I dont lose the key , that I may not be able to access the computer.
I backed up volume headers on some disks but found that those files were also encrypted and so do not know how to use them in case of failure or corruption of the software.
thanks
Bala
|
|
|
|
|
Joined: Sep 2012
Posts: 46
Member
|
|
Member
Joined: Sep 2012
Posts: 46 |
I use Truecrypt, with an encrypted partition for the database store (SQL Server Express files), but have not been using it for the primary operating system partition. I can see that at least the LastNoteBackup is sitting in a non-encrypted folder, but I think everything else that is is patient-specific is encrypted.
I had not previously heard that Truecrypt might cause problems for Amazing Charts. Then again, I was surprised to be specifically told to remove all access restrictions to the Amazing Charts folder on my (workgroup) server. I wonder if others have had any problem with restricting access to this folder, as would be usual network security policy? Are others successfully using Truecrypt on either the entire system partition and/or on the SQL server database store?
Don Manuele, DO (also in a boondoc town)
Don Manuele, D.O.
Solo Family Practice, Sequim, WA
|
|
|
|
|
Joined: Oct 2011
Posts: 207
Member
|
|
OP
Member
Joined: Oct 2011
Posts: 207 |
Dear Don ,
I would be interested to know how you encrypted only the data base .
after you create the encrypted volume are you moving the files into the volume ?
thanks
Bala
|
|
|
|
|
Joined: Sep 2011
Posts: 65
Member
|
|
Member
Joined: Sep 2011
Posts: 65 |
can anyone confirm if truecrypt works with AC?
Slater
|
|
|
|
|
Joined: Sep 2011
Posts: 65
Member
|
|
Member
Joined: Sep 2011
Posts: 65 |
encrypted one of my laptops, windows 8 with Bitlocker and it seems to work just fine thus far - if that changes will let everyone know.
Slater
|
|
|
|
|
Joined: Oct 2011
Posts: 207
Member
|
|
OP
Member
Joined: Oct 2011
Posts: 207 |
did you have a TPM or did you use a flash drive or pin ?
thanks
Bala
|
|
|
|
0 members (),
105
guests, and
24
robots. |
|
Key:
Admin,
Global Mod,
Mod
|
|
|
|
.png "ACUF Donor I")
