What is encryption and why does it matter?

adminBlog, Security

e-clinic has the highest security rating of any healthcare software provider

To put it simply, encryption is the act of jumbling communication so that other people cannot understand or access it. Various forms of encryption have been used over hundreds of years: Julius Caesar used basic encryption in messages to his generals and British codebreaking decryption of encrypted German messages was seen as one of the defining moments in the war. A good analogy for understanding encryption is this: if you send something in a locked safe, only those with the right key can open the safe.

A popular form of encryption is ‘end-to-end’ encryption. A third party can decipher encrypted information as long as they have the right key to unlock it, however end-to-end encryption only allows the sender and receiver to see the information. Some well known app developers now use the high security levels offered by end-to-end encryption as a means to attract users to their products. One of these products is the messaging app WhatsApp, where use of end-to-end encryption is regularly highlighted, and means that although messages may travel over WhatsApp’s servers, the company are not able to read the content of those messages even if they (or the authorities) should want to.

How does encryption work?

We’ll use WhatsApp as an example. When you communicate with someone via WhatsApp, the app encodes the message you are sending using a special key, and only the recipient will have the key to access the message. The whole process is done without the user having to do anything except press send, but the actual process of encrypting a message is very complicated. Furthermore, every time two devices communicate with each other, a fresh set of theoretical keys and locks are produced, meaning that the process is safe every time and almost impossible to crack.

Why is encryption important?

In recent years, we have shared more and more information online including addresses, photos, messages and bank details, therefore it has become increasingly important to ensure that this information is secure and safe from unauthorised access. A number of large companies, such as Yahoo, have been the victims of cyber attacks, which have led to the information of their customers being leaked. This, and other leaks and cyber attaches, has shown the very real danger of people’s online information not being secure.

The leaking of customers’ personal information has a direct impact on companies, as customers will quickly lose trust in a company which fails to protect their information. This may lead to a rapid decline in customers (and in many cases has), ultimately meaning a rapid decline in profits.

Encryption, if done properly, gives companies the highest levels of security possible and so minimises the risk of hackers accessing personal information. Encryption is also seen as vital for people targeted by authoritarian states who could arrest and prosecute people for the information they share online – criticising the government or expressing religious or sexual freedoms, for example.

e-clinic’s use of encryption 

e-clinic has the highest security rating of any healthcare software provider. Our data centres are based in the UK, are ISO 27001 compliant and Tier 3 secured. Data is encrypted at 256 bit AES which is double the encryption rate of most connections, including those of the NHS, which is currently moving encryption to this level. In contrast, our remote application has provided 256 bit encryption for over 5 years.

All data is securely backed up and there’s no need to worry about the inconvenience or expense of hardware failure. Because the cost of hosting is included in the price, you don’t need to worry about up-front costs or ongoing hardware expenses. Your patients can be confident they are in safe hands, and you know your obligations under the Data Protection Act and the Care Quality Commission are being met.

Some clients prefer to install e-clinic on their own computer or network. Larger clinics and healthcare groups, who have their own IT infrastructure, may want to discuss this option. For more information, please get in touch.