Ocean Security Overview

OceanMD provides software solutions designed to enable secure and private communication between patients, healthcare providers, and researchers. As a trusted provider to health information custodians, we are committed to the most stringent approaches to data security and privacy and full compliance with PIPEDA regulations.

The Ocean Platform was built from the ground up to maximize security and protect privacy. Ocean’s industry-leading security stems from our robust client-side patient encryption technology. All patient data sent to and stored within Ocean is encrypted end-to-end using the industry-standard 256-bit AES (Advanced Encryption Standard), the same technology used by financial institutions and other healthcare institutions, providing an extra level of protection for PHI stored in Ocean.

To guard against any possible breach of personal health information on our Ocean servers, all patient encryption keys are kept secret by end-user health information custodians using Ocean. The encryption keys are not accessible to OceanMD employees, and they are never transmitted to third parties. No one outside of the clinic can decrypt personal health information without these encryption keys. Therefore, even if the Ocean server were to be compromised, or the data were to be intercepted en route, no unencrypted personal health information would be accessible.

Our client-side encryption architecture provides an industry-leading protective safeguard for personal health information.


Data Transport

The Ocean system moves data between three systems over the Internet:

  • the Ocean Tablet app
  • the Ocean server
  • the Electronic Medical Records (EMR) package.

To prevent eavesdropping, the Ocean system uses HTTPS, the global standard for secure data transmission used by governments and banks around the world. Brute-forcing the current standard of SSL encryption would take millions of years.

CognisantMD uses a signed, registered, publicly trusted SSL certificate to protect against “man in the middle” attacks.


Data Storage

No personal health information is stored on the Ocean tablet. This guards against any privacy breaches in the event of theft or loss of the tablet.

Ocean stores its data in a highly secure, 100% Canadian-based data centre. Our data centres utilize superior data centre infrastructure, including environmental controls, fire suppression systems, redundant power sources and UPS backup, multi-homed Tier 1 bandwidth, 24/7 security (including card entry and video monitoring), as well as technical and monitoring capabilities.

Administrative access requires an SSH connection with a key held only by OceanMD system administrators.

Database access is limited to the application server cluster via IP whitelisting, meaning external computers are blocked from accessing the database directly. The database is secured with a password known only to OceanMD system administrators.

For more information, please consult this article on the type of personal health information that is stored.


Patient Data Encryption

As an additional layer of security, all transmitted patient data is encrypted using a client encryption key, defined by and known only by the health information custodian and their chosen agents. OceanMD system administrators do not have access to this key. Since the key is required to decrypt PHI, this policy ensures that even trusted OceanMD administrators cannot view PHI.

The system uses AES for the encryption algorithm (an industry standard).

The only pieces of data that are not double-encrypted using this key are those collected by optional, specially designated anonymous eForms, explained further in the next section.


Anonymous Data

Ocean allows some carefully selected forms to be designated as “anonymous”. These anonymous forms provide a secure mechanism for participating clinics to submit and aggregate research data on the Ocean server.

To protect patient privacy, responses to these forms are stored without any patient identifiers. Example informed consent forms are available to capture the patient’s consent when required.

Ocean site administrators have complete control over their participation and use of anonymous forms to ensure adherence to the principles above for their patient population (e.g. appropriate informed consent in local language, etc.).


Authentication

There are three authentication mechanisms in Ocean:

CognisantMD User

A CognisantMD user can log into a site to manage configuration, export study results, etc. A CognisantMD user may belong to multiple sites.

The credentials are private to a user; passwords are salted and one-way-hashed using SHA-256. In layman’s terms, there is no feasible way for anyone else to read or reverse-engineer a user’s password.

Ocean Wave Tablet Token

Ocean Wave tablets have their own unique authentication with limited access, independent of specific users. Tablets are initially registered for a specific clinical site by a designated CognisantMD user. The registration is stored as a randomly generated token held securely by the tablet application.

Site EMR System

The EMR authenticates with Ocean using a site number and site password. The site password is manually configured in the EMR and in the Ocean site by a CognisantMD user.


Access and Authorization

To prevent any potential security oversights, all server-side services and resources are locked down by default. Users or other agents must be explicitly granted access to specific services.

In other words, no user, tablet, or EMR is granted access to do anything more than the bare minimum required to do its specific job.

Some examples of these restrictions include:

  • no tablet is able to access a patient chart without an authorized EMR user specifically granting access to the tablet for that patient’s chart on that day.
  • individual users are systematically blocked from accessing data from any other site.

To ensure that these access constraints are always enforced, automatic security access filters are implemented on the server.

This server-side firewall ensures there is no access to a “backdoor” that might be exploited by malicious clients or compromised web browsers.
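The following is an added example, not OceanMD's code, of a server-side access filter with the two restrictions listed above: every request is denied unless an explicit rule allows it, a tablet only reaches a chart that the site's EMR granted it for that day, and no principal reaches another site's data. The principal kinds ('user', 'tablet', 'emr'), resource names and the in-memory grant store are assumptions for illustration.

```javascript
// Added example (not OceanMD's code): a default-deny authorization filter.
// Grants are keyed by site, tablet, patient and calendar day so that a grant
// cannot be reused for another patient, another site or a later day.
const chartGrants = new Set(); // entries look like "siteId|tabletId|patientId|YYYY-MM-DD"

function dayOf(date) {
  return date.toISOString().slice(0, 10);
}

function grantKey(siteId, tabletId, patientId, date) {
  return `${siteId}|${tabletId}|${patientId}|${dayOf(date)}`;
}

// An authenticated site EMR (kind 'emr') grants one tablet access to one
// patient's chart for the current day only, scoped to the EMR's own site.
function grantChartAccess(emr, tabletId, patientId, now) {
  if (emr.kind !== 'emr') throw new Error('only the site EMR can grant chart access');
  chartGrants.add(grantKey(emr.siteId, tabletId, patientId, now));
}

// The filter every request passes through. Anything not matched by an
// explicit allow rule falls through to "deny".
function authorize(principal, request, now) {
  // Site isolation: no principal reaches another site's data, whatever its role.
  if (principal.siteId !== request.siteId) return false;

  switch (request.resource) {
    case 'chart':
      if (principal.kind === 'tablet') {
        return chartGrants.has(
          grantKey(request.siteId, principal.id, request.patientId, now));
      }
      return principal.kind === 'emr'; // the site's own EMR reads its own charts
    case 'siteConfig':
      return principal.kind === 'user'; // CognisantMD users manage configuration
    default:
      return false; // locked down by default
  }
}
```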


Privacy Risk Findings

OceanMD maintains and publishes a list of open privacy concerns, issues or risks.  The list is updated as risks are identified and risk mitigation recommendations are developed.  Open risks are maintained in the Privacy Risk Findings document and reviewed at least monthly in a standing meeting attended by the Privacy Officer and relevant department personnel.

Please email privacy.officer@oceanmd.com to request access to the Privacy Risk Findings document.
