Sidebar

Is message data, that may contain PHI, encrypted within the QIE DB or should the DB be encrypted?

asked Jun 8, 2015 by amanda-w-3695 (4,840 points)

commented Jun 16, 2015 by (100 points)

Thanks, but what I really need to know is if the Qvera supplied encryption makes it HIPAA compliant or if we must put SQL Server encryption (TDE) on the database in order to make it HIPAA compliant???...

commented Jun 17, 2015 by amanda-w-3695 (4,840 points)

See modified answer below

1 Answer

All message data, log data, usernames, passwords etc. are encrypted within the QIE database, using AES256 encryption. This encryption satisfies HIPAA requirements for encrypting PHI "at rest" thus eliminating the need to encrypt the entire database.

Whenever a user attempts to export unencrypted message data from QIE, they will be prompted with a reminder regarding the potential sensitive information or PHI and they must select Yes or No to complete the export process.

answered Jun 8, 2015 by amanda-w-3695 (4,840 points)
edited Jun 17, 2015 by amanda-w-3695

...

Is message data, that may contain PHI, encrypted within the QIE DB or should the DB be encrypted?

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.