Recovering a Lost / Forgotten Shared Encryption Key

If your Shared Encryption Key has been lost, unfortunately, OceanMD has no way to find or retrieve your unique key on your behalf (this is one of the ways we help to ensure patient data is always secure). However, there are some troubleshooting steps you can take to try to recover it on your own.

  1. Try the Ocean Portal.

    • Log in to the Ocean Portal. Click the "Menu" button in the top left corner and select Admin.
    • Click "Encryption" on the Admin Settings page and your Shared Encryption Key should appear there. If not, the "hint" may help you track down where you should be looking and/or what you chose your key to be.
  2. Try Ocean Cloud Connect.

    If your site uses Cloud Connect to integrate Ocean with your EMR, your key will also be stored in this configuration.

    • To review your key, sign into Ocean Cloud Connect, and click the blue button labelled "View Shared Encryption Key", which is located under the Shared Encryption Key panel on the righthand side of the page.

      After confirming this action, the key will be displayed on screen.

    Note: accessing your key via Cloud Connect will alert your site's clinical administrator as a security precaution.

  3. Try your EMR.

    • If you are using PS Suite or OSCAR, you may be able to access the encryption key from within your EMR.
    • If you are using PS Suite, open the Ocean custom form and click "Settings" on the custom form. Enter your Ocean credentials (username and password) and a menu of options should appear. Click on "Shared Encryption Key" to view your shared encryption key.

    • If you are using OSCAR, open the Ocean eForm in OSCAR (using the Ocean shortcut on the appointment schedule or in the "Manage eForms" section in the Administration panel) and select the "Settings" button.
    • Click "Advanced Settings" and then select "Reset Encryption Key". You will then see your existing shared encryption key value listed in the input box in that window. Once you copy the key from the box, select the "Cancel" option.
  4. Try a colleague's web browser.

    • An Ocean user who can view patient data in their web browser can do so because they have the encryption key saved in their browser's local storage. If you set up Ocean using your web browser, it might be available by logging in to the Ocean Portal using this same web browser. If another colleague set Ocean up, you can ask them to log into their Ocean Portal account.
    • In either case, you will see the shared encryption key in the Admin view of the Ocean Portal (which only site administrators can see) in the "Encryption" section (selected from Admin Settings page).
  5. Try an Ocean Tablet.

    • If you have an Ocean Tablet, you can view the encryption key in Administration Menu (which an Ocean user with admin privileges can access by tapping on the Ocean logo or "cog" icon in the bottom left). From this Admin menu, choose "View Shared Encryption Key" to view your site's Shared Encryption Key.

If you've tried all of the above and still can't find your encryption key...

If your Shared Encryption Key is truly lost, you will need to create a new one and update all your devices.

However, if you do this, you will not be able to retrieve any previous patient responses or referrals (and we, sadly, cannot help retrieve them either).

We can help you set a new key at this point, as long as you are ready to abandon old Ocean patient records that have yet to be downloaded to your EMR. To do this, please contact the OceanMD Support team.

Protecting Your Shared Encryption Key in the Future

Your Shared Encryption Key is an important safeguard against unauthorized access to your patient's data, and should therefore be handled with great care and stored in a safe place. It’s also recommended that access to the key be limited to trusted administrative account holders. In order to prevent against the worst case scenario of a lost key (and lost patient data), we recommend taking the following steps:

  • Administrative access in Ocean is required to change the Shared Encryption Key. As a result, you should limit admin privileges to a small number of trusted users. However, always ensure that you have redundancy, in case an admin user leaves the organization.
  • Ocean allows you to save a "hint". Make an effort to ensure that the hint will always allow an admin user to recover the key. This might include noting a secondary storage location.
  • You can download, print, and complete this Clinic Reference Card and keep it in a safe location for future reference.
  • Consider a safe online password storage tool designed for shared team use such as Common Key or 1Password.
Have more questions? Submit a request