Toronto hospital backs new encryption security strategy

The tech is designed to bring medical staff and patients closer together through private online communications, protecting this exchange of data as well as sensitive data at rest.
By Bill Siwicki
11:18 AM
Share
new encryption security strategy

North York General Hospital is an academic medical center in Toronto, Canada. Photo via Google Maps

North York General Hospital, an academic medical center in Toronto, has selected cybersecurity firm Thales to provide hardware-based encryption technology to facilitate the secure exchange of information between the hospital’s physicians, healthcare staff and patients.

The resulting digital service supplements in-person consultations with online communications using PCs and mobile devices, enabling more timely and convenient interactions between patients and hospital staff, Thales said.

[Also: Experts back Senate IoT security legislation]

“The solution is designed to bring medical staff and patients closer together through private online communications, protecting the exchange of data between hospital staff and patients, as well as sensitive healthcare data at rest,” said Juan Asenjo, partner, integration marketing, at Thales. “Privacy and security of data exchanged is ensured by encryption of the data in motion and at rest.”

The conduits for that data include hospital IT infrastructure, medical appliances, and patient-owned devices such as mobile phones and PCs, Asenjo added. The data exchanged can be part of a medical record, but it is not the complete record. Internet of Things data will be included in the future.

[Also: Ransomware and electronic records access, healthcare's biggest threats]

With a goal of identifying a strategy that allowed for growth, flexibility and privacy, North York General Hospital also selected IDENTOS, a vendor of encryption services and a Thales technology partner, to provide the security platform needed to run the service, the hospital said.

IDENTOS offers a key management technology specifically optimized for mobile application integrations to protect data and transactions on mobile devices. The IDENTOS technology integrates in a few hours with full-service modules for application anti-tampering, data encryption, digital identity, Fast Identity Online (FIDO) authentication, and end-to-end secure chat, the company said.

The IDENTOS encryption-as-a-service subscription platform is integrated with Thales nShield Connect hardware security modules to protect and manage cryptographic keys within a hardened device. The nShield Connect hardware security modules support some of the highest cryptographic transaction rates in the industry, making them ideal for the cyberattack-prone healthcare sector, Thales said.

“We opted to add the IDENTOS solution to our security infrastructure toolbox to provide more flexibility in providing modern, encryption-based strategy driven by Thales and IDENTOS,” said Sumon Acharjee, CIO at North York General Hospital. “These two companies have the extensive, proven experience necessary for creating a solution that embraces growth, flexibility and accounts for today’s mobile-savvy users.”

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com