The Shared Encryption Key

To use Ocean with your patients, your site must first choose a shared encryption key. You should only proceed to set up this key if you are an authorized representative of your clinic.

What is a shared encryption key?

  • A secure key that Ocean sites use to safely and securely exchange patient data.
    • All transmitted patient data is encrypted using this private key, defined by and known only by the clinic administrator.
    • Even CognisantMD system administrators do not have access to this key and they will never require it. This ensures that even the most trusted CognisantMD administrators are completely unable to read patient health information.
  • This key must be kept private within the clinic and shared only with authorized personnel as needed.
  • Any of your devices that are connected to Ocean (workstations, tablets, EMR) will require this key.
 

Setting Up Your Shared Encryption Key

To set up your shared encryption key, log in to the Ocean portal and navigate to the Admin tab. Enter the "Encryption" section (selected from the menu on the left) to set up your shared encryption key. You may choose to either type in a shared encryption key of your choice or keep the auto-generated key. 

The requirements for your shared encryption key is as follows:

  • It must be 16-characters with at least one digit, one uppercase letter, one lowercase letter and one punctuation mark (e.g. !, ., _, @, etc.).
  • It should NOT be one of your personal passwords because it may be shared with other users at your site.
  • Feel free to choose the randomly-generated key that is generated for your site automatically or create your own key.
  • You must acknowledge that you've stored your shared encryption key in a safe spot (step 2) and leave a hint (step 3) in case you need to enter your encryption key again in the future (e.g. if you get a new computer or use a new browser).

Ensure that your shared encryption key meets all of the criteria outlined and leave a hint, in case your encryption key is lost. For safekeeping, we recommend that you download, print, and complete this Clinic Reference Card. Keep it in a safe location for future reference.

Once you've completed all 3 setup steps, be sure to click "Save" to save your shared encryption key. 

You can return to this "Encryption" section of the Admin tab to view your shared encryption key at any time.

Note: Your shared encryption key is the ultimate guard against unauthorized access to your patient's data, and should therefore be handled with great care and stored in a safe place. It’s also recommended that access to the key be limited to trusted administrative account holders. In the worst case scenario of a lost encryption key, CognisantMD will NOT be able to find or retrieve your unique key on your behalf (this is one of the ways we help to ensure patient data is always secure). However, if your key is lost, try following the steps outlined in this article to recover it.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request