To use Ocean with your patients, your site must first choose a shared encryption key. You should only proceed to set up this key if you are an authorized representative of your clinic.
What is a Shared Encryption Key?
- A secure key that Ocean sites use to safely and securely exchange patient data.
- All transmitted patient data is encrypted using this private key, defined by and known only by the clinic administrator.
- Any of your devices that are connected to Ocean (workstations, tablets, EMR) will require this key.
Shared Encryption Key Security
- This key must be kept private within the clinic and shared only with authorized personnel as needed.
- This key is stored in Ocean Cloud Connect. The Ocean Cloud Connect application runs on a separate server from the main Ocean application. This separation means ensures that only authorized Site Admins can access it, while still allowing Support Site team members to assist with setup without having access to PHI.
- Even OceanMD system administrators do not have access to this key and they will never require it. This ensures that even the most trusted OceanMD administrators are completely unable to read patient health information.
Setting Up Your Shared Encryption Key
-
- Login to the Ocean Portal. Click the "Menu" button in the top left corner and select "Admin".
-
Enter the "Encryption" section from the Admin Settings page to set up your shared encryption key. You may choose to either type in a shared encryption key of your choice or keep the randomly-generated key that is generated for your site automatically. The shared encryption key must meet the following requirements:
- It must be 16-characters long.
- It must contain at least one digit, one uppercase letter, one lowercase letter and one punctuation mark (e.g. !, ., _, @, etc.).
- It should NOT be one of your personal passwords because it may be shared with other users at your site.
- Leave yourself a hint and store your encryption key in a safe spot in case you need to enter it again in the future (e.g. if you get a new computer or use a new browser). You must also acknowledge that you have done so.
- Click "Save" to save your shared encryption key. You can return to the "Encryption" section of the "Admin" Settings page in the Ocean Portal to view your shared encryption key at any time.
- Store your Shared Encryption Key in Cloud Connect as part of the Cloud Connect Set Up process.
Important Notes about the Shared Encryption Key
Your shared encryption key is an important guard against unauthorized access to your patient's data, and should therefore be handled with great care and stored in a safe place. For safekeeping, we recommend that you download, print, and complete this Clinic Reference Card and keep it in a safe location for future reference.
It’s also recommended that access to the key be limited to trusted administrative account holders.
If you have misplaced your encryption key, try following the steps outlined in "Recovering a Lost / Forgotten Shared Encryption Key" to recover it.
In the worst case scenario where your encryption key really has been lost, OceanMD will NOT be able to find or retrieve your unique key on your behalf (this is one of the ways we help to ensure patient data is always secure).