|
|
Patient privacy and record confidentiality are high-priorities at
DC Audiology. Implementing a digital
office required addressing security and privacy issues from the
onset. Our equipment and network, including Virtual Private
Network (VPN) technology, was designed around two
requirements--reliability and security. Redundant servers and
backup along with constantly updated and monitored security measures
have proven successful. We have had no loss or corruption of
patient information and no successful security attacks. DC Audiology has the ability to share test
results, diagnosis, and patient records digitally with referring
physicians. As such, we have implemented VPN technology, the most
secure method available to send information securely. What is a VPN? A simple VPN is a "virtual" tunnel between two machines. All network traffic between these machines passes through this "virtual" tunnel using encryption the Network layer. When the tunnel is first created, both machines must authenticate each other by way of encrypted certificates. After authentication the machines negotiate what encryption algorithm to use, what secret to use with the encryption algorithm, what data integrity algorithm to use, what network traffic to pass through the tunnel, etc. After successful negotiation network traffic between the machines will flow through the constructed VPN. Why is it useful? VPN's are typically used to provide secure communication between systems across the Internet. Company to company or branch-office to head-office secured communications are common examples. A VPN can be used to ensure the identity of the participating machines (authentication and non-repudiation). It effectively prevents data modification and session hijacking. The VPN can prevent eavesdropping if the data is encrypted. Unlike application level network encryption like SSL a VPN is not application specific. All data between machines participating in a VPN can be protected. VPN's are an effective way to create secure communication channels
across the Internet or between sensitive systems within a company's
internal network. With the inclusion of VPN support in a host of
systems, the
deployment of VPN's is going to become more commonplace in the near
future.
(Above information on VPN is extracted from What
is a Virtual Private Network(VPN)? Security Implications of Virtual
Private Networks |
