GoClinic is a digital healthcare provider that connects hospitals and patients, building a bridge between hospital ICT and patients’ mobile phones. The goal of the GoClinic system is to provide secure data exchange for the optimal treatment, care and aftercare of hospital patients. The GoClinic solution accommodates healthcare providers of various sizes: from small private clinics to academic hospitals.
As the GoClinic team already used Cossack Labs’ open source library Themis to build the encryption engine for mobile and backend apps, their next challenge was building a balanced security system around the cryptographic core. This effort included cryptography design verification, application security analysis and bringing together the technical parts of the ISMS: technical standards and operational procedures.
Products and services involved
Security architecture assessment
We’ve built risk, threat and trust models, analysed and prioritised attack vectors, assessed the fitness of selected security controls and their correspondence to ISMS.
We work closely on establishing the ISMS: objectives, processes and procedures related to risk management and internal security standards.
We’ve assessed the cryptographic protocol design, reviewed and tested the code implementation, found design caveats and advised on fixing them.
Themis is a cross-platform high-level open-source cryptographic library. The GoClinic team used Themis as a cryptographic provider and built the encryption engine on top of it.
Correspondence of security architecture and chosen security controls to the risk profile and healthcare regulations.
End-to-end encryption of medical data from hospital networks to patients’ devices while preserving the usability of GoClinic mobile apps and making patients’ lives less stressful.
Soundness of cryptographic protocol and key management procedures (including QR code-based key exchange) to prevent access to sensitive data without required keys.
The GoClinic system operates within an extensive technology stack and supports numerous mobile apps, a cloud backend and databases. Data protection should be consistent and easily maintained across all infrastructure components.
Legacy hospital networks require careful integration, isolation of patients’ data, and a fully fledged data lifecycle and its security.
Cryptography and application security: the cryptographic engine should be closely tied with platform-specific security controls.
The security solution should prevent abuse and misuse by hospital staff and “curious patients”.
We've performed a security architecture evaluation and cryptographic protocol assessment, verified and improved overall application and infrastructure security, and advised on improving the security roadmap for the GoClinic solution.
Security advisory, security architecture assessment and risk modelling:
We’ve defined a general security roadmap after assessing business risks (via FAIR), compliance demands, industry standard maturity / systems lifecycle planning approaches (NIST 800-160, OWASP SAMM) and potential threats. The roadmap includes security team decision scope, application security baseline, data/risk classification, security goals, internal security standards.
Based on the security roadmap and current architecture, we’ve established a detailed risk model, a security model and a plan for improving security measures to create well-rounded data security.
We've performed a review of the security controls across the architecture, application and infrastructure levels and provided a list of recommendations for improving them.
GoClinic already featured a solid cryptographic design and clever usage of the Themis cryptographic library. This allowed us to focus on the maintainability and execution security aspects of the encryption layer.
We’ve assessed the cryptographic protocol and key management procedures, modelled attacks and corner cases, and suggested mitigations for the caveats found.
We’ve verified that Themis is integrated and used correctly, with respect to data flow and platforms’ limitations.
We’ve provided a set of recommendations on data minimisation and clean-up, key management and memory management, crypto coding guidelines and usage of platform-specific security controls (Google Cloud KMS, integration with Keychain/SecureEnclave, biometric protection).
The GoClinic team acquired a basis for company-wide and product-specific security policy, a solid security foundation and a development plan for improving their system.
The sustainability of the security architecture, deep integration of security controls and a defined security roadmap allowed the GoClinic team to target not only private hospitals, but also governmental healthcare companies, and provided a clear advantage over their competitors.