Website and Communication Security through Encryption

A big challenge for a business trying to leverage open source technology for its public website is security. Like those in other industries, doctors and lawyers want to be able to leverage this free technology for appointments, live help, offline contact, sign-up forms, and basically anything with patient data. Despite the need in this arena, there are not a lot of quality, affordable offerings for the small practice.

For the small practice, cost is no doubt a large factor. Many of the players in the field charge $500 to $1000 per month to secure your data. This is not a reasonable cost for a small practice in my opinion.

In my work setting up sites for some of these professionals, here are the solutions that I have combined with great effectiveness. I have used LuxSci secure email and forms. In order to maintain HIPAA compliance, I have used Gazzang to encrypt the MySQL databases, which allows the data to be encrypted at rest. Of course, I am using the tried and true SSL encryption to encrypt the data in transit.

The downside of this approach is that it is not a “do-it-yourself” security approach for the average doctor or lawyer. It is going to require you to have a skilled web administrator on board. To be totally effective, it is also going to require securing the computers that you use to access the data.

LuxSci is a company that provides a host of services. The two biggest for lawyers and doctors are their email and secure form products. These two pieces are easily (for a skilled web admin) customized for your domain and business needs. To the end user, their secure email solution is just a different webmail program. All the magic of securing your email happens in the background. LuxSci also has the ability to deliver the email securely to mobile devices.

Something that really stood out for me about LuxSci is their customer service. They go above and beyond to make their solution work for you. While securing some very large and complex PDF forms for one counseling practice, I ran into some errors in their form submission environment. This isn’t a negative on them at all; this was some pretty non-standard stuff. They immediately started working on the issue. It was a problem that required some back-end recoding of how the software actually handles data. They were able to very quickly find the bug and fix the code.

If you have done a lot of work around software and hosted web services, you know how unique this ability has become. There are so many platforms out in the marketplace that are redeploying the code of others and can’t really fix core problems. This company can fix it. I have had other occasions to need their support for issues and I can’t say enough positive things about their customer service.

Gazzang EzNcrypt is the solution I use to encrypt my MySQL database. What this solution does is break out the specific tables of your MySQL database that need to be encrypted. These tables are then encrypted utilizing a key on their servers (or, alternatively, yours). This encryption is transparent to the software needing to access it. The ability to encrypt MySQL databases at rest fills a big piece in being able to use open source software for your needs while still maintaining high security and HIPAA compliance.

While installing the Gazzang solution in my environment, I hit a couple of snags from my own lack of understanding of all the details of the install. (Note that this is a command-line install. That means an old-fashioned DOS interface like we used in the early 90s. You will need a web admin to do this.) Gazzang was very responsive when I contacted them. In a very brief time I got email responses from one of the design team. He was quickly able to help me through the issues I was having.

I have had follow-up contacts with both of these businesses since I selected them for my needs. I can tell you that both companies are very customer service oriented. Both companies are striving to fill a niche with a significant need at an affordable price. I truly wish both companies the best and rapid growth. As a note: I have not been compensated in any way by either company.
