LAMBsecureSM
When the encrypted transaction is received, certain known transaction parameters are used so that the receiver chooses the correct keys and algorithms to create the dynamic, one-time key for decryption. No keys are transmitted with the encrypted data file.
Our encryption system was developed to provide a process which is
scalable, invisible and secure. Our system supports a roll out of hundreds
or thousands of healthcare companies and organizations dynamically in an
ad-hoc environment. Organizations or systems that come online must be
able to trade immediately within the community.
Secondly, our customers should not be concerned with the management
of the encryption process, including keys. The entire encryption system is
invisible to the end-user. Key management, including updates, expirations
and new keys, is fully automated. There is nothing for the end-user
to do.
Thirdly, the encryption system must be secure. We use standard techniques
but with a few twists. These twists make it very difficult for anyone to
decrypt a transaction. All transactions are encrypted. No transaction is sent
in the clear. If the encryption (outbound) or decryption (inbound) fails, the
transaction does not move off the server. We use symmetric encryption,
which is stronger, bit for bit, than asymmetric encryption (PKI). There are
no public/private keys — only private ones. The twists are that no key is
sent with the transaction and only partial information about the encryption
is delivered. Basically, the receiver gets only half of the information
required to decrypt.
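
The idea described above (both sides derive a one-time key from parameters they already know, so no key travels with the transaction, and a failed check holds the transaction) can be sketched as follows. This is an added example, not LAMBsecure code: the page does not disclose its algorithms, so HKDF (RFC 5869) over a pre-shared secret, the function names, the parameter names and the sample values are all assumptions.

```python
import hashlib
import hmac

def hkdf(secret: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF-SHA256 (RFC 5869): extract a PRK, then expand it bound to info."""
    prk = hmac.new(salt, secret, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def transaction_keys(shared_secret: bytes, params: dict) -> tuple:
    """Derive one-time (enc_key, mac_key) from parameters both sides know."""
    # Sort by name and length-prefix every field so that two different
    # parameter sets can never encode to the same info string.
    info = b""
    for name in sorted(params):
        for part in (name.encode(), str(params[name]).encode()):
            info += len(part).to_bytes(2, "big") + part
    okm = hkdf(shared_secret, b"txn-key-v1", info, 64)
    return okm[:32], okm[32:]  # separate keys for encryption and integrity

def sender_tag(shared_secret: bytes, params: dict, ciphertext: bytes) -> bytes:
    """Sender: authenticate the ciphertext; only ciphertext and tag are sent."""
    _, mac_key = transaction_keys(shared_secret, params)
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()

def receiver_accept(shared_secret, params, ciphertext, tag):
    """Receiver: re-derive the keys; return enc_key only if the tag verifies."""
    enc_key, mac_key = transaction_keys(shared_secret, params)
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None  # fail closed: the transaction is held, not processed
    return enc_key

# Constructed sample values (assumptions, not from the page).
SECRET = bytes(range(32))  # pre-shared between the two trading partners
PARAMS = {"sender": "CLINIC-001", "receiver": "PAYER-042",
          "txn_id": "000123", "date": "2024-01-15"}

if __name__ == "__main__":
    ct = b"opaque ciphertext"  # stands in for data encrypted under enc_key
    tag = sender_tag(SECRET, PARAMS, ct)
    print("accepted:", receiver_accept(SECRET, PARAMS, ct, tag) is not None)
    print("tampered:", receiver_accept(SECRET, PARAMS, ct + b"!", tag))
```

The security of such a scheme rests entirely on the pre-shared secret: the transaction parameters only select and diversify the key, they do not protect it.
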
It is important to note that the encryption occurs before the transaction
leaves the PC or server within a healthcare organization and is not
decrypted until the transaction is physically at the receiver’s PC or server.
Therefore, the data is encrypted even when traveling through the sender’s
and receiver’s internal communications.