• December 2008 FEATURE ARTICLES •
Security: Case History
Safe and Secure
A whole-disk encryption solution safeguards laptop data and simplifies data security management for a pediatric system.
Founded in 1908 and located in Denver, The
Children’s Hospital is a private, not-for-profit pediatric
healthcare system that cares for kids of all ages and stages of
growth. Its dedication to these young patients is evident in
more than 1,000 pediatric specialists and more than 3,500
full-time employees, and is the main reason that The Children’s
Hospital is a place parents have come to trust.
The Children’s Hospital understands this
trust is not just based on its dedication to providing the best
medical attention for the children in its care, but also on its
dedication to ensuring all patient records and other sensitive
medical information are protected at all times. With an
increasing number of medical staff traveling to extend care
beyond the walls of the main campus, two emergency locations,
three community-based after-hours care sites, nine specialty
care centers, and more than 400 outreach clinics, The Children’s
Hospital had to be certain that it could protect all data stored
on staff laptops.
"With more of our clinicians traveling
nationally and internationally on a regular basis, we must be
certain the patient data stored on the laptops that travels with
them is secure," says Andrew Labbo, privacy and data security
officer and information security manager at The Children’s
Hospital. "The laptops carried by our traveling doctors
potentially contain sensitive patient information and so we had
to ensure that a lost or stolen laptop would not provide
unauthorized access to this highly confidential data."
In 2002, Labbo had witnessed the disruption
a lost laptop could create.
"A state agency officer lost a laptop that
was only protected by a static password, and that simply did not
provide sufficient data protection," he says. "The process of
correcting this possible data leak was painful and expensive. In
fact, when everything is considered, the cost of losing a laptop
can be in the tens of thousands of dollars, and that does not
include the damaging legal and public relations issues."
Evaluating the Options
Wanting to ensure its data could not be read
by any unauthorized users, The Children’s Hospital began
researching alternative methods of encrypting the data on its
laptops. Having looked at both full-disk (also known as
whole-disk) encryption solutions and file encryption
solutions, The Children’s Hospital decided that full-disk
encryption was the only way to ensure all laptop data was
protected at all times. Unlike file encryption, which protects
specific files, full-disk encryption encrypts all data stored on
the entire hard drive, including file names and associated
metadata, rendering them "invisible" to unauthorized users.
As full-disk encryption protects all data on
a device at all times, it would ensure that the hospital did not
have to be concerned about copies of data being left in clear
text in ghost and temporary files. This would simplify data
security management as administrators would not have to spend
valuable time ensuring staff encrypted all appropriate files.
Most importantly, in the event of a laptop being stolen, there
would be no risk of a hacker gaining access to medical records.
"We looked at both whole-disk and file
encryption and found that while whole-disk encryption ensured
that no data on a laptop could be accessed by any means, not
even if a stolen drive is mounted, file encryption did not
protect the entire hard drive," says Labbo. "This meant with
file encryption we could not be certain that all data was
protected and would still have to undergo the painful process of
notifying all patients in the event of a lost or stolen laptop.
Whole-disk encryption also met all HIPAA requirements that call
for a mechanism to be put in place to protect data at rest on
laptops."
Implementing the Solution
The Children’s Hospital began reviewing
available full-disk encryption solutions in November 2006. "We
began researching five different solutions based on specific
criteria," says Labbo. "The criteria included ensuring that the
entire hard drive was encrypted at all times, ensuring there was
no risk of data loss during installation, making certain the
encryption solution could integrate with smart card readers and
smart cards, and the ability to centralize help desk management
to help users with forgotten passwords."
Having thoroughly researched the available
solutions, Labbo found only one met all of The Children’s
Hospital’s data security requirements. "We were able to
eliminate four of the solutions almost immediately as they were
unable to integrate with our existing smart card readers and
smart cards, plus many required specific hardware and would not
work with all of the hospital’s laptops. Only WinMagic’s
SecureDoc proved capable of integrating with our existing smart
card and smart card readers and had no problem integrating with
our stock laptops."
After selecting the full-disk encryption
solution, The Children’s Hospital began a thorough three-month
pilot. A good cross section of the staff, including physicians,
care providers, executives and administrative staff, was
involved to ensure that everybody would be comfortable with the
encryption layer. Initial testing confirmed that the
software-based solution would provide the high-level data
protection the hospital was looking for without necessitating
any real investment in additional hardware.
"We were able to prove that the entire hard
drive was secure and also that there would be no need to buy new
smart card readers or laptops as the new software integrated
with our existing devices straight out of the box. Although the
install did require attention to detail and interaction with the
users whose laptop it was installed on, this was mainly down to
the fact that they had to set up memorable questions/answers
individually for password reset."
Perhaps even more importantly, the testing
confirmed that the encryption layer would not negatively impact
patient care. "The biggest point that sold us on the install was
the fact that users could continue to work unaffected while the
initial encryption process of the disk took place. During the
pilot we observed over 20 laptops encrypting the disk while
people worked with no issues whatsoever and so we knew staff
members would be able to continue working while the solution
installed in the background. As a hospital, it was critical that
staff would not be disturbed during the installation process."
Extended Testing
Having successfully completed initial
testing, Labbo began a larger pilot to ensure that there would
be no issues with long-term management. This meant ensuring that
it would be simple to set up not only new users, but also new
user groups. It also meant trying the solution with other
devices to ensure all data could be encrypted no matter what
technologies the hospital might add to the system in the future.
"A further six months of testing let us run
the encryption solution over an extended period, and during that
time we were able to ensure that once a disk was encrypted,
there was little additional management required other than
setting up the install to run in the background and sending out
an email with brief instructions. The granularity of the
solution lets us customize security as needed — whether by
changing protocols, adding new users, or adding new removable
media devices, such as USBs or PDAs. No matter the device, the
install and management process remains the same."
The extended testing also enabled Labbo’s
team to make absolutely certain that no data would be lost
during installation. "Obviously, it was critical that we did not
lose any data during the roll out and after both pilots, we
experienced zero data loss." With both pilots successfully
completed by the spring of 2007, The Children’s Hospital began
rolling out the encryption software to additional laptop users.
"We simply set the install to run transparently in the
background over the course of an afternoon and the user is then
ready to go. During the roll out, positive word of mouth from
physicians spread that adding the encryption was a painless
process, which made my team’s life much easier."
Fully-integrated Encryption
As for the added security the encryption
layer provides, Labbo has an anecdote that he feels sums up just
how well data is now protected. "I have SecureDoc on my laptop,
and when my hard drive required updating, a technician began the
process of removing the existing drive and switching the
software onto a new drive," says Labbo. "The technician had
experience with encryption solutions in the past, and figured he
would not need to remove the software before transferring the
data by simply bypassing the encryption layer. Several hours
later, the technician came back to me and said he could not
bypass the encryption level."
By carefully setting out the data security
criteria it required and thoroughly testing the available
solutions, The Children’s Hospital has been able to fully
integrate encryption software with its existing applications to
ensure all patient data is protected at all times. "When you
consider the potentially high cost associated with a single user
losing their data compared to the relatively tiny cost of
protecting each laptop, it makes sense to add whole disk
encryption. A disk acts just the same after it has been
encrypted as before it was encrypted. This means that with
adequate planning, it is possible to protect all data without
any inconvenience to staff or any sacrifice in patient care."