The use of cryptography and cryptographic key management in healthcare to protect data at rest or media is a reality for medical institutions and users of services such as cloud storage, messaging and many others.
However, those responsible for these services are presented with many options for cryptographic mechanisms and consequently there are many choices to be made.
Poor choices in cryptographic key management in healthcare can result in little or no gain, even loss, creating a false sense of security in a healthcare organization’s data.
For example: encrypt a database and keep the cryptographic key in a file on the server.
In this article we intend to address some relevant aspects for the information security of data in the health area that are related to cryptographic keys.
With this we will show the importance of their correct management for the programming of cryptographic services.
To facilitate understanding, we will divide the article into three parts. Starting with the basics about cryptography, cryptographic services and finally cryptographic key management.
Cryptographic Key Management in Health and Data Encryption
Cryptography is a set of principles used to ensure the security of information in a healthcare institution.
To this end, cryptographic key management in healthcare employs techniques to transform one piece of information (cipher) into another (cryptogram) that is readable only to those who know the secret (secret key).
By keeping this secret safe, we prevent unauthorized persons from gaining access to the original information (decrypt).
-
Secrecy
The security of cryptographic services is based on the secrecy of the cryptographic key, which allows encryption and decryption, and not on the method of transforming the information, i.e. the algorithm used, which must be public.
-
Symmetric and asymmetric keys
In cryptography there are two basic types of algorithms: symmetric and asymmetric key. The former use a single key to encrypt and decrypt the data, while the latter adopt a pair of keys, one for encryption and the other for decryption.
Cryptographic services
There is really no 100% method, not for health or any other area, but some guidelines can help reduce or prevent attacks.
One of the first steps to be taken into consideration is the confidentiality of each patient’s data. Use a network where only authorized persons have access.
Looking for special storage for your data is also one of the ways to prevent data leakage. There are storages that can help digital health security in this regard.
As mentioned above, it is clear that encryption and cryptographic key management in healthcare are the most efficient ways to prevent data theft in healthcare.
Whether it is to protect data at rest, i.e. that is stored, or even to protect data in transit, i.e. that travels on the network, coupled with strict access control are essential to help the hospital keep data protected.
It is worth remembering that it is super important to protect the perimeter with a firewall on your network and also to protect the desktop / servers with antivirus, among many other tools.
-
Confidentiality
According to studies
email attacks grew by 473%
2017-2019 for health alone. The maintenance of outdated legacy systems is one of the reasons for this high volume of attacks.
Another study estimates that spending on advertising alone, due to image risk,
increases by 64%
in hospitals that suffer data leaks.
Confidentiality has to start with the adoption of an Electronic Patient Record (EPP), which in addition to centralizing the medical data of each care (complete history), facilitates the achievement of prestigious accreditations in the sector, such as HIMSS (Health Information and Management Systems Society), linked to good health IT practices.
You need to train your staff constantly to avoid improper access and use of the applications provided within the institution.
Confidentiality of data through encryption, management of cryptographic keys in health and with proper access control, also ensures that information cannot be viewed by third parties and that only authorized persons have access to it.
-
Integrity
The technique for ensuring integrity is in short, when a given piece of information is not modified in an unauthorized way after its creation, during transmission or storage.
Whether the change is accidental or intentional, the insertion, removal or replacement of data must be detected. Cryptographic mechanisms such as cryptographic digest, also known as hash, and digital signature provide the support for this service.
-
Authentication
The authentication service verifies the identity of a user in order to have some assurance that the person is who they say they really are. There are several authentication mechanisms, user and password is a well-known model, but so is authentication using a digital certificate.
In the digital certificate model, one can use the SSL protocol, or even login digital signatures as an authentication model. The digital certificate is interesting to use the ICP-Brazil model or another that the organization trusts, such as Internal Certificate Authority.
In the ICP-Brasil Certifying Authorities, it is in the process of issuing the digital certificate that the person needs to attend a face-to-face validation, now there is also the remote modality, with original documents that prove the identity of the applicant.
-
Irretractability
The non-retractability service provides the means to ensure that whoever created information cannot deny its authenticity, or at least that it is difficult to deny.
In this sense, it is linked to the digital signature, in which the owner of the private key cannot deny that he has held it for a particular purpose.
-
Authorization
Additionally, after authentication, it is possible to use the information of the authenticated user in the system to define the authorization of the information. The authorization service provides approval or permission for the execution of an activity.
As an example, the authorization service can be employed to define the permissions to use a cryptographic key that would consequently allow access to a certain piece of information.
Cryptographic key management in health
Cryptographic keys are the foundation of cryptography and the security of encrypted data lies in them. Breaches can lead to the compromise of keys and, consequently, the leakage of sensitive information such as patient records.
The increase in the use of encryption for data protection in healthcare institutions, mainly due to government regulation, means that they have to deal with multiple solutions to encrypt data, see LGPD.
Because of the diversity of vendors, organizations also need to define various procedures for managing cryptographic keys, and these are not always adequate.
Cryptographic key management consists of storing, protecting, organizing and ensuring the proper use of cryptographic keys, managing their lifecycle and maintaining backup copies in a secure and consistent manner.
-
Secure storage of keys
The keys should be stored securely, i.e. encrypted and with access control.
Encryption should preferably be performed by means of keys (
KEY
) protected on a cryptographic hardware, preferably.
-
Identification of keys
It should be possible to identify a key, its type, its purpose, who is authorized to use it and the period of use.
Life cycle of cryptographic keys
The lifecycle of cryptographic keys must be controlled so that they are used properly during their validity period – i.e. only authorized persons or systems can use them during a predefined time and with secure mechanisms so that they are not compromised.
We will describe the life cycle of the keys, according to NIST recommendation.
The life cycle of a key starts with generation and ends with destruction, passing through one or more of the states described below:
- generation: moment of creation of the key, which is not yet ready for use;
- pre-activation: the key has been generated but is not yet ready for use because it is waiting for the period of use or the issuance of a certificate;
- activated: the key is available for use;
- suspended: the use of the key is temporarily suspended. In this state, it can no longer perform ciphering or signing operations, but can be used for data recovery or verification of signatures previously performed.
- inactivated: the key can no longer be used for ciphering or digital signing, but is kept for processing data ciphered or signed before inactivation.
- compromised: indicates that the key has its security affected and can no longer be used in cryptographic operations. In some cases, as in symmetric keys, it can be used to recover the encrypted data for later encryption with another key.
- destroyed: this status indicates that a key is no longer required. The destruction of the key is the final stage and can be achieved due to the end of the key’s usage cycle or the compromise of its security.
Generally speaking, both healthcare institutions and all organizations should focus on continuous improvement while managing their risks at a price that is compatible with their reality.
Companies should critically evaluate how to protect their systems. They should also consider the “root causes” of security incidents in their environments as part of a risk assessment.
As systems become more secure and institutions adopt effective measures to manage their processes, key management becomes increasingly essential. Protecting a healthcare organization’s data is critical to the security of its patients’ information.
About Eval
EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.
With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.
Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.
Eval, safety is value.