Skip to main content
Contact Us

Everything, Everywhere Point of Care™

Protecting Your Data with Encryption

Point of care never stops. You need interfaces that are perpetual, notifications when things go wrong, and a reliable middleware solution that is always available. Your team needs access to patient data to provide the best healthcare outcomes, but you’re also tasked with maintaining data security.

Data security is important to you – and TELCOR, too.

Encryption is a process where data is converted into a cryptic or non-decipherable format to protect it from unauthorized access. Encrypting data at rest can be accomplished via either Full Disk Encryption or the SAP Sybase SQL Anywhere 17 database itself. Encryption for data in transit is accomplished via TLS and certificates.

Full Disk Encryption

Full Disk Encryption (FDE) renders data on a storage drive unreadable by anyone who doesn’t have the decryption key. By encrypting the entire storage device, the risk of unauthorized access to your information is significantly reduced. FDE would be enabled by your IT team. Contact your IT team if you have questions about FDE.

lock on top of paper with various data

FIPS Database Encryption in SAP Sybase SQL Anywhere 17

FIPS-certified encryption technology refers to cryptographic modules or algorithms that have been evaluated and validated by an accredited laboratory against the requirements set forth in the Federal Information Processing Standard Publication 140-2 (FIPS 140-2). This standard, established by the National Institute of Standards and Technology (NIST), outlines rigorous security requirements for cryptographic modules used within the U.S. federal government and other regulated sectors.

  • Enhanced Security: FIPS encryption safeguards this data by transforming it into an unreadable format, rendering it useless to unauthorized individuals even if intercepted.
  • Regulatory Compliance: Many healthcare regulations, like the Health Insurance Portability and Accountability Act (HIPAA) in the U.S., mandate robust data security measures. FIPS compliance demonstrates that an organization adheres to these regulations and protects patient data according to established standards.
  • Enhanced Protection: FIPS-validated algorithms and implementations offer a stronger defense against cyberattacks and unauthorized access attempts.
The absolute minimum amount of protected health information (PHI) required for POC is stored in the QML database. Once the production database is encrypted, each backup is encrypted as well.
PHI for Patients Stored in the QML Database
PII for Operators Stored in the QML Database

FIPS AES 256-bit encryption for the QML SAP Sybase SQL Anywhere 17 database can be purchased for the QML Production and QML Test system for data at rest. Contact TELCOR if you’re interested in implementing FIPS database encryption.

Transport Layer Security (TLS) in TELCOR Components

TLS is a cryptographic protocol ensuring secure communication over a computer network. Using digital certificates, TLS is designed to provide authentication, integrity, and data privacy between client-server applications, ensuring the client is communicating with the legitimate server, not an imposter.

  • Confidentiality: Encrypted data becomes unreadable to anyone without the decryption key, guaranteeing the privacy of your POC information.
  • Integrity: TLS ensures data remains unaltered during transmission, preventing unauthorized modifications or tampering.
  • Authentication: It verifies the identity of both parties involved in the communication, preventing impersonation and man-in-the-middle attacks.

TLS not only protect your POC data in transit between QML and other systems, it protects all data from the user to the server and back.

TELCOR has TLS solutions for ADT, Orders, Unsolicited and Solicited Result interfaces. This feature can be enabled at no additional cost to you from TELCOR. TLS is not enabled in TELCOR components by default because the other system – whether it is sending information to QML or receiving information from QML – must also be able to support TLS communication. TELCOR is committed to working with all device and LIS/EMR vendors to test and implement TLS interfaces as demand arises.

Both procurement and ongoing management of the digital certificate is the customer’s responsibility. For compliance purposes, TELCOR requires the certificate be procured from a trusted third-party certificate authority.

TELCOR has completed projects to enable certificated encryption for in-transit QML data as defined below. However, these are awaiting the first customer implementation. Implementation of this encryption with devices is dependent on the system vendors. The TELCOR release schedule to enable all versions of TLS encryption for in-transit QML data is as follows:  

  • HL7 Solicited/Unsolicited Results and ADT via TCP socket to socket communication was released in Q1 2023.   
  • HL7 Orders via TCP socket-to-socket communication was released in Q3 2023.
  • SAP Sybase SQL Anywhere 17 database connections was released in Q1 2024 and requires FIPS encryption of the SAP Sybase SQL Anywhere 17 database.
  • Device interfaces will be updated as device vendors make transmission encryption available. 

If you want to implement TLS with digital certificates, please contact TELCOR.

Learn more about TELCOR Point of Care Solutions

Contact Us
Discover More About TELCOR POC Data Security
female-healthcare-worker-using-laptop-while-workin-2023-11-27-05-26-45-utc

Complete Access to Your Data

Read More
healthcare worker looking at computer monitor

Maximizing Uptime

Read More