Privacy and security
The following is written with reference to the US legislation governing medical information (HIPAA). KoNote is also compliant with regulations from other jurisdictions, including the Ontario Personal Health Information Protection Act (PHIPA).
KoNote uses a multi-layer approach to securing data. First, all clinical information is stored in an encrypted form. KoNote uses 256-bit AES encryption, the same encryption technology used to secure online banking, to ensure that only users with the proper user name and password can view patient information. Second, KoNote and its encrypted files can be installed on a network drive. This gives IT the ability to control access to the application in a familiar way, using the same access controls (file permissions) already used to protect documents and files on the network drive. It also lets KoNote leverage whatever backup solution is already in place.
Most health providers that store individually identifiable information are required to follow the privacy and security regulations set out by HIPAA. To be compliant with the HIPAA Security Rule, software systems that store Protected Health Information (PHI) must have certain security features. To meet compliance requirements, KoNote includes these Technical Safeguards:
Access Control
HIPAA requires that covered entities implement technical policies and procedures for limiting access to protected health information.
KoNote has a built-in user management system, allowing access to be limited to only authorized users. Different users can have different levels of access within the KoNote system. Every user is given a unique identifier, as required by HIPAA regulations. KoNote follows NIST guidelines on password usability.
KoNote uses state-of-the-art encryption technology to secure all patient information, protecting the confidentiality of the information in the event of a network or server compromise. That same encryption technology detects when health records have been tampered with by an unauthorized user. The encryption is only removed when information reaches an authorized user's workstation, ensuring that data is encrypted both "at rest" and during transmission. The KoNote application provides an automatic logoff feature, locking the application if the user has been inactive for a period of time. In addition to KoNote's own access control mechanisms, KoNote is designed to work within any file- and directory-based access control mechanisms that are already enforced on an SMB file share.
Audit Controls
A core design principle of KoNote is to maintain a complete clinical history for every client. As a general rule, clinical information is never removed or overwritten in KoNote. New information is only ever appended to the end. This is useful not only from the clinical perspective of providing complete information to healthcare providers, but also from an auditing standpoint. Every change to a patient's record is logged in minute detail. A full history of what was changed, when, and by whom is always maintained. Additionally, since KoNote uses a document-oriented database, we can leverage the file-system auditing capabilities of the host OS to record all activity in the database, even when KoNote is not running. For Windows Server, this can be done via the Audit Object Access Group Policy Object setting and defining a corresponding System Access Control List (SACL). Logs are then available in the Event Viewer. This approach allows system administrators to define the scope of the audit controls and integrates easily with existing audit tools or processes. Metadata recorded in the log includes object details (e.g. filename), request details (e.g. file read), user account details, process details (e.g. konote.exe or explorer.exe) and timestamp.
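As an added example (not KoNote's or the page author's code), the following reviews file-system audit records against the append-only rule described above: anything that exercises the DELETE right on the data store, or any process other than konote.exe opening it, is reported. The data directory path, the field names and the sample records are constructed to resemble Windows Security event 4663 (object access) output; such events only exist once the SACL and Audit Object Access policy described above are in place.

```javascript
const DATA_DIR = 'D:\\KoNote\\data\\';   // assumed location of the encrypted files
const EXPECTED_PROCESS = 'konote.exe';    // the only process that should open them

// Windows access-mask bit for the DELETE standard right, as shown in event 4663.
const DELETE = 0x10000;

// Apply the append-only rule to one event: a delete, or any process other than
// konote.exe touching the store, is a finding. Events outside the store are ignored.
function classify(ev) {
  if (!ev.ObjectName.toLowerCase().startsWith(DATA_DIR.toLowerCase())) return [];
  const mask = Number(ev.AccessMask);
  const proc = ev.ProcessName.split('\\').pop().toLowerCase();
  const findings = [];
  if (mask & DELETE) findings.push('DELETE right used on append-only store');
  if (proc !== EXPECTED_PROCESS) findings.push(`access by ${proc}, not ${EXPECTED_PROCESS}`);
  return findings;
}

// Summarise every event that produced at least one finding.
function reviewEvents(events) {
  return events.flatMap((ev) => {
    const findings = classify(ev);
    if (findings.length === 0) return [];
    return [{ time: ev.TimeCreated, user: ev.SubjectUserName, object: ev.ObjectName,
              process: ev.ProcessName, findings }];
  });
}

// Constructed sample records shaped like the 4663 fields the page lists:
// object (filename), request (access mask), account, process and timestamp.
const SAMPLE_EVENTS = [
  { TimeCreated: '2020-03-02T09:14:11', SubjectUserName: 'jdoe', ObjectName: 'D:\\KoNote\\data\\clientFiles\\c001\\progNotes\\0001',
    AccessMask: '0x1', ProcessName: 'C:\\Program Files\\KoNote\\konote.exe' },     // read by the app
  { TimeCreated: '2020-03-02T09:15:40', SubjectUserName: 'jdoe', ObjectName: 'D:\\KoNote\\data\\clientFiles\\c001\\progNotes\\0002',
    AccessMask: '0x6', ProcessName: 'C:\\Program Files\\KoNote\\konote.exe' },     // new record appended
  { TimeCreated: '2020-03-02T17:02:05', SubjectUserName: 'jdoe', ObjectName: 'D:\\KoNote\\data\\clientFiles\\c001\\progNotes\\0001',
    AccessMask: '0x10000', ProcessName: 'C:\\Windows\\explorer.exe' },              // deleted outside the app
  { TimeCreated: '2020-03-02T17:03:00', SubjectUserName: 'jdoe', ObjectName: 'D:\\Shared\\readme.txt',
    AccessMask: '0x10000', ProcessName: 'C:\\Windows\\explorer.exe' },              // not in the store
];

function demo() { return reviewEvents(SAMPLE_EVENTS); }
```

In a real deployment the records would come from the Security log (for example, exported from the Event Viewer) rather than the constructed array.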
Integrity
KoNote's user account system and encryption technology work in combination with file- and directory-based access control mechanisms to protect health information from improper alteration (see "Access Control", above). Encryption prevents unauthorized users from tampering with health information while it is stored "at rest" and during transmission. For further protection, file- and directory-based access control can be used to protect records from tampering and unauthorized destruction. KoNote is designed to operate with only Create and Read permissions, so that non-administrators are unable to destroy data or erase the history of a record (contact KoNote support for assistance in configuring these permissions).
Person or Entity Authentication
KoNote implements a password-based authentication system based on NIST guidelines for password security and usability. A user's account password is never stored directly; instead, the password entered at the login screen is used to produce an encryption key that can unlock that user's data.
Transmission Security
KoNote's state-of-the-art encryption technology protects all patient information, and is only removed when information reaches an authorized user's workstation, ensuring that data is encrypted both "at rest" and during transmission. KoNote's encryption is based on AES-256 and 3072-bit RSA, both of which are approved by the US government for protecting classified information up to the "Top Secret" level.
Questions? Contact konote@logicaloutcomes.net