Spinnaker provides registered users with access to data they are genuinely entitled to see, but if a user password is compromised, or there is a server data breach, there may be an opportunity for a member of the public to read private patient data.
Our aim is to keep your data secure, protect your patients' privacy from outside hackers and minimise inadvertent or naive mistakes made by genuine users of Spinnaker. This is the first of a 4-part security blog that will outline how we do that, and hopefully we can provide you with some tips to help you keep things secure too. To address security threats we need to be inward and outward looking with our security eyes!
Outside hackers are people probing from outside the Spinnaker platform, and our firewalls and server security take care of these attempts. Some of these forays don't cause a data breach but they can be a real nuisance: think of a car parked across your garage entrance stopping access, versus someone breaking into your garage!
We assume hackers will be testing the vulnerability of our servers for the purposes of gaining control, causing disruption or simply for fun. To protect against these forays we perform vulnerability and penetration testing, update our security regularly and run an external firewall to assist with preventing disruption hacking (DDoS attacks).
In the extremely unlikely event that access to our databases was obtained (i.e. breaking into the garage!), a hacker would find that all the patient identifiable data and your passwords have been encrypted.
Sometimes genuine users of the platform make security mistakes through naivety or just by accident. We do our best to limit these by:
- insisting passwords meet specified criteria
- using one-way encryption to encrypt all passwords
- never including patient identifiable information in any emails from Spinnaker (you need to be logged in to see that data)
- siloing data so that each hospital can only see its own patient data
- maintaining the encryption when data is exported, so that if someone accidentally emails a spreadsheet to a person outside the hospital the patient identifiable data is not readable
Patient identifiable data is 2-way encrypted using the Advanced Encryption Standard (AES), also known as Rijndael (pronounced rain-dahl), with a 256-bit key.