visolveemr wrote on Saturday, September 12, 2009:
Hi Team,
The goal of encryption is to protect patient data from being accessed and viewed by unauthorized users while the data is at “rest”
**Protecting data at rest:** Using the encrypted file system. This needs to be taken care while deployment.
**Technical Requirements**
1. The step by step procedure (for Windows & Linux) to accomplish the same would be added along with the documentation.
Do share your views here.
Thanks
ViCare Team
cfapress wrote on Tuesday, September 15, 2009:
Is it possible to encrypt the database tables, not the full file system?
In my Agency we have OpenEMR installed on a single server that is also used for email and other internal web apps. Encrypting the whole drive could present an unnecessary challenge.
Jason
whimmel wrote on Tuesday, September 15, 2009:
You can create a separate encrypted filesystem specifically for mysql to use and mount it accordingly. Linux Volume Manager makes this pretty easy to accomplish. You don’t have to encrypt the whole partition.
If you’ve never used LVM2, it adds a layer on top of your usual drive/partition configuration. partitions become part of a "physical volume" which can be a single or multiple disks. Then you create logical volumes on top of that, which can be formatted to whatever filesystem type you need.
LVM is also handy for backups, since you can take a snapshot of a running system, back it up, and then discard the snapshot. All while leaving the system up.
mike-h30 wrote on Tuesday, September 15, 2009:
Jason,
Have you thought about using VMware Server or Xen? You could create a separate virtual machine dedicated to OpenEMR.
-Mike