October 2, 2013

    Securing PHI data transfers with SFTP

    The amount of Personal Health Information being transferred has tripled over over the last 18 months. Most of that increased traffic can be attributed to the Affordable Care Act and facilities across the country converting to digital medical records. This conversion brings with it the question, "How do we securely transfer digital medical records?" One solution is secure SFTP along with Public Key Authentication and full disk encryption.

    SFTP, also known as SSH File Transfer Protocol, is a secure file transfer protocol. Adding Public Key Authentication allows for automated user login without the need for password entry. Public Key Authentication works by utilizing two separate keys, one which is public and the other which is private. The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature. The strength lies in the fact that it is "impossible" (computationally infeasible) for a properly generated private key to be determined from its corresponding public key.

    Full disk encryption, encrypts all data, including the operating system that is stored on the hard disks at either end of the connection. AES 256-bit encryption is performed on the fly by the operating system. This means there are no temporary files left unencrypted while the system is busy encrypting other files. Full disk encryption also has the added benefit of making the hard disk unusable if it is removed or lost.

    FTP Today's SFTP plans are tailor built to handle PHI data transfers

    Tag(s):

    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

    Other posts you might be interested in

    View All Posts