Field-Level Encryption Practices 

Just Encrypting One Database or Its Fields at Rest?
Protect the Fields in Your (Portable) Files Instead.

With the introduction of field-level encryption and other protection techniques in IRI's FieldShield and CoSort (SortCL) programs, you can now prepare flat files (to populate your database tables) with pre-secured fields (data at rest), and protect fields in your extract files, reports, etc. (data in motion).

To review how field-level encryption can help you comply with privacy regulations, consider the application of FieldShield to the Final HIPAA Security Rule enacted in 2003, governing the protection of electronic private health information (EPHI) [1]:

Section 164.312, Technical Safeguards, contains provisions extracted from two sections of the proposed rule: Technical Security Services and Technical Security Mechanisms. Covered entities must implement:

* Technical policies and procedures for access control on systems that maintain EPHI. These systems must allow for unique user identification and include an emergency access procedure for obtaining necessary EPHI during an emergency. Addressable specifications include automatic logoff and encryption and decryption, which is defined as a mechanism to encrypt and decrypt EPHI.

With field-level control, you can use multiple encryption libraries and pass phrases for field-specific need-to-know decryption entitlements.

* Transmission security, including two addressable specifications:

1. Integrity controls -- security measures to ensure that electronically-transmitted PHI is not improperly modified without detection until disposed of, and

2. Encryption. Designation of encryption as an addressable specification is a key departure from the proposed rule, which explicitly required encryption when using open networks. Covered entities now must determine how to protect EPHI "in a manner commensurate with the associated risk." Covered entities are encouraged in the Rule's preamble to consider use of encryption technology for transmitting EPHI, particularly over the Internet. The key reasons cited by HHS for this change are the cost burden for small providers and the current lack of a simple and interoperable solution for email encryption.

FieldShield makes encryption another option for field-level protection within files, along with filtering, anonymization, and pseudonymization. CoSort's SortCL program does as well, while running high volume data manipulations and reports against massive flat files.

* Hardware, software, and/or procedural methods for providing audit controls.

Optional application statistics, and a query-ready XML audit log, record the job script and encryption libraries used to show what, when, how, and by whom the PHI field data was encrypted (and otherwise protected and/or transformed).

* Policies and procedures to protect EPHI from improper alteration or destruction to ensure data integrity. This integrity standard is coupled with one addressable implementation specification for a mechanism to corroborate that EPHI has not been altered or destroyed in an unauthorized manner.

Data that does not decrypt with the proper encryption key suggests that the encrypted field has been compromised. You can trace this through FieldShield or SortCL runtime statistics and audit logs, which show when and how the file was processed for field encryption.

* Person or entity authentication, which requires the covered entity to implement procedures that verify that a person or entity seeking access to EPHI is the one claimed to be doing so.

Pass phrases are used to generate keys for encryption and decryption of the field data. Therefore, only the person or entity in possession of the right pass phrases can encrypt or decrypt the field(s).


All of the above techniques can operate independently, on one or more files at a time, with or without other data transformation or reporting functions.

 


[1] Source: http://www.hipaadvisory.com/regs/FinalSecurity/summaryanalysis.htm