
Data Security: How eVisit protects your booty

Posted by Wyatt Greenway

Telemedicine is easy, right?

eVisit isn’t just easy to use, it is also designed to make our users’ lives easier, and most importantly, designed to ease our users’ worries about privacy and security. Easy peasy, right? Well, hold the phone for a second and let’s ask the team what “easy” looks like.

Security and privacy above and beyond HIPAA requirements

At eVisit we are never complacent with our security. We are always diving deep in our own systems to find clams that can make pearls. Take, for example, our own custom solution for encrypted data storage. Back in the day, eVisit used a third-party encrypted document storage system. It was kind of cool, but we weren’t very impressed with its clammy nature. Sure, it was secure enough, but it was slow, clunky, and had its own set of issues. We decided we had had enough of dealing with “kind of cool”, and instead wanted “phenomenally awesome” — besides, our users expect and deserve the very best. So it was time for a revamp. Enter Pandora’s new box: eVault.

Designing Pandora’s box

eVault was designed from the ground up with two main goals: 1) It must be incredibly secure, and 2) It must be incredibly secure. Oh, and third, it must be incredibly fast.

First, speaking to the fast point (because it is faster than speaking about security), let me say that we went way above and beyond what most sane teams would have done to squeeze every single gram of speed out of eVault. Trust me. I could list a whole slew of technical jargon here that would certainly bore you into a deep slumber, but that isn’t the eVisit way. So let me just say that we achieved “phenomenally awesome” thanks to the incredible engineers that developed the eVault Solution™.

Second, we don’t do not use contractions when dealing with your security and privacy at eVisit. We take no shortcuts, and we take nothing for granted. We pretend that all pirate invaders are more interested in your private data than all the treasure in the world (we have big imaginations here at eVisit). So with fictional evil monologues in mind, we set out to create a system that no evil villain -- no matter how long or dry their monologue -- could penetrate.

Security rethought

Too many nightmares have gone global in the last few years over personal information being “leaked” and stolen. It is always the same scenario: some human somewhere forgot some little hole in some thing and someone rudely poked their little eyeball in and saw stuff. Bad bad bad! Dealing with holes -- as any security expert can tell you -- is a constant process. So how can one keep the metaphorical ship from sinking when natural “holiness” abounds? Well, you can patch things all day, add foam, provide life-rafts, fire and rehire the crew, and deal with chaos management all day… or you can just not keep all your most valuable treasure in a sinking ship.

Okay, so let me explain: eVisit is obviously still part of the “internet ocean”, and we are bobbing around quite nicely, but how do we keep our metaphorical ship from leaking sensitive information and sinking? We have answered that question by splitting our systems in a way that no single server in our cloud contains enough information to retrieve private data without access to all of the systems in play. We have split our entire eVault system into three parts: one third stores the encrypted data, one third holds the keys used for encryption, and the final third does the dirty work of splitting and piecing the data all back together again. All systems rely on each other, and data is not retrievable without complete access to all systems.

Simply put, most companies with their cloud ships (servers in the cloud) have all their booty (private data) on-board, and the captain holds the single key (a single point of attack) to The Chest of Unimaginable Treasures™. At eVisit, we aren’t okay with this “Open Sesame” design. Our system is more like a fleet of cloud ships. Each captain in our fleet holds a third of a magic amulet; this magic amulet will unlock The Chest of Unimaginable Treasures™ only when all three parts are put together and all three captains are present.

Data from just one (or even two) of our servers would just look like random gibberish. In order to access any legible information, one must penetrate all three systems simultaneously, know how to steal the data, know how to decrypt it (with the proper keys), and then also know how to put it all back together again. It is hard enough to penetrate and fully understand the inner workings of a single system; this becomes exponentially harder when dealing with three separate systems.
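The three-way split described above, as an added Python example; it is not eVisit's code, and the article does not say which ciphers or interfaces eVault uses. It assumes a per-record one-time pad (XOR) with an HMAC tag as a stand-in cipher, and the names `CipherStore`, `KeyStore` and `Assembler` are hypothetical.

```python
import hashlib
import hmac
import secrets
import uuid

TAG_LEN = 32  # SHA-256 HMAC tag / MAC key length in bytes


class CipherStore:
    """First system: holds only encrypted blobs, indexed by record id."""
    def __init__(self):
        self.blobs = {}


class KeyStore:
    """Second system: holds only per-record key material."""
    def __init__(self):
        self.keys = {}


class Assembler:
    """Third system: splits on write, rejoins on read, stores nothing."""
    def __init__(self, cipher_store, key_store):
        self.cs, self.ks = cipher_store, key_store

    def put(self, plaintext: bytes) -> str:
        rid = uuid.uuid4().hex
        pad = secrets.token_bytes(len(plaintext))  # fresh pad per record (assumed cipher)
        mac_key = secrets.token_bytes(TAG_LEN)
        ct = bytes(p ^ k for p, k in zip(plaintext, pad))
        tag = hmac.new(mac_key, ct, hashlib.sha256).digest()
        self.cs.blobs[rid] = ct + tag        # ciphertext side only
        self.ks.keys[rid] = pad + mac_key    # key side only
        return rid

    def get(self, rid: str) -> bytes:
        blob, key = self.cs.blobs.get(rid), self.ks.keys.get(rid)
        if blob is None or key is None:
            raise LookupError("need both the blob and its key")
        ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
        pad, mac_key = key[:-TAG_LEN], key[-TAG_LEN:]
        expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
        if len(pad) != len(ct) or not hmac.compare_digest(tag, expected):
            raise ValueError("blob was altered or paired with the wrong key")
        return bytes(c ^ k for c, k in zip(ct, pad))


if __name__ == "__main__":
    vault = Assembler(CipherStore(), KeyStore())
    print(vault.get(vault.put(b"constructed sample record")))
```

In this example the assembling service is the only component that can reach both stores, so its credentials are the ones to scope tightly and audit.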

Whew! Are we done yet?

In the words of that famous person you couldn’t care less about: “Heck no!” Security is never something to “solve”, it is never “complete”. Good security is always a continual non-stop improvement and iteration of every system in place. We take security and privacy seriously, and eVisit will never rest. Eon after eon will pass, solar systems will die and be born again, and still you will find the eVisit team busily at work ensuring that your private data is kept… well… private.


About Wyatt Greenway

Wyatt is Senior Lead Engineer at eVisit, and has been working with the eVisit team for over two years.
