We take Security and Data Protection

Seriously

Physical SecurityThe MRX servers are housed in Telehouse Data

Centre, Docklands, London.

Physical SecurityTelehouse provides:

•Independent client card identification access system.•Secure & monitored single-person point of entry, physically guarded 24/7 and integrated digital video camera surveillance.•Proximity card access will be provided from the main Data Centre building and will be issued to specific facilities management suites.•Strict security processes in place to ensure delivery and loading of goods are secure.

Physical Security•CCTV coverage for the perimeter, common areas and facilities management suites.•Perimeter fence is fitted with intruder sensing.•Secure access procedures to ensure nominated staff can gain authorised access to the facility day or night.

Server Connectivityhttps – Secure Web for user access to the system.SSH – Secure Shell using a non standard port for system administration access to the system.

Both these connection types use public-key cryptography to protect data travelling between client and server using 256-bit encryption.

Server ConnectivityPublic Key Certificate•Every client that connects to the server must have a Private Key Installed that matches a Public Key held on the server.•Each Client has their own key pair.•Without a valid key pair it is impossible to connect to the server remotely.

Sensitive Data Storage•Stored in a secure area of a SAN located in the same rack as the server in Telehouse London.•Deleted once it has been downloaded.•Encrypted using the OpenPGP standard.

Sensitive Data StorageOpenPGP (Pretty Good Privacy)•Uses Public Private Key Encryption.•Public Key held on the server used to Encrypt data.•Private key held by the client is the only way to Decrypt the data.•Minimum 2048-bit Encryption.

Identity ControlOrganisations new to MR X request access to the system by completing an online form on the public web site.

Identity ControlWe verity the authenticity, address, telephone number of the applicant organisation and capture details of the senior staff using yell and industry specific lists.

Identity ControlWe call the applicant organisation using the publicly available phone number, confirm the authority of the person applying. We verbally agree pass phrases for keys, and initial password for the system with the applicant.

Key and Certificate ControlThe agreed passwords and phrases are passed to the system administration team on paper (no electronic copy is taken and any form of copying of the original paper copy is not allowed).

Key and Certificate Control•The system administrators, using a stand alone computer create and signs the key pair for connecting to the server using the agreed passphrase. •The User is created on the system.•The public key is loaded onto the MR-X servers.

•Paper containing pass phrases and passwords are destroyed.•All keys are valid for 1 year.•Keys can be revoked if they are compromised.

Key and Certificate ControlThe following are emailed to the applicant:•Private key and Certificate.•Root Certificate.•User name.•Instructions as to what to do next.•User Manual.

Key and Certificate Control•The client follows the instructions sent to them to install certificates (they require the passphrase previously agreed with us) on to any computers they require to access the MR-X system.•The client can then log onto the system, change their password, create additional users.•The instructions make the client aware that they are responsible for their own security and they must advise us if security is breached.

PGP Implementation•PGP is only required to be installed by those organisations receiving Medical Records.•For those that require PGP as a desktop application we provide a link to the Gpg4win program.•For those that receive a large number of Medical records we can provide a hardware solution.

PGP ImplementationInstructions are given to the client: •How to create a PGP key pair.•How to use Gpg4win with the MR-X system.•To send us the Public key.

PGP Implementation•We will call the client to confirm they sent us the key and to authenticate it through the key fingerprint.•We will sign and install the public key on the MR-X servers.•We will register the key against the clients account on the MR-X system and activate the “receive medical records” feature.