GoClinic: encrypting patients’ data across hospital networks

Business requirements

GoClinic is a digital healthcare provider that connects hospitals and patients, building a bridge between hospital ICT and patients’ mobile phones. The goal of the GoClinic system is to provide secure data exchange for the optimal treatment, care and aftercare of hospital patients. The GoClinic solution accommodates healthcare providers of various sizes, from small private clinics to academic hospitals.

As the GoClinic team had already used Cossack Labs’ open source library Themis to build the encryption engine for their mobile and backend apps, their next challenge was building a balanced security system around that cryptographic core. This effort included verification of the cryptography design, application security analysis and bringing together the technical parts of the ISMS: technical standards and operational procedures.

Industry

  • Healthcare

  • EHR exchange

Regulations

  • GDPR

  • ISO 27001, ISO 27002

  • Dutch Act on the Medical Treatment Agreement (WGBO)

Technology stack

  • Google Cloud Platform (KMS, GKE, Redis, VerneMQ)

  • iOS

  • server-side Swift

Products and services involved

Security architecture assessment

We built risk, threat and trust models, analysed and prioritised attack vectors, and assessed the fitness of the selected security controls and their correspondence to the ISMS.

Security advisory

We work closely on establishing the ISMS: objectives, processes and procedures related to risk management and internal security standards.

Cryptographic audit

We’ve assessed the cryptographic protocol design, reviewed and tested the code implementation, found design caveats and advised on fixing them.

Themis is a cross-platform, high-level, open-source cryptographic library. The GoClinic team used Themis as the cryptographic provider and built their encryption engine on top of it.

Technology requirements

Correspondence of security architecture and chosen security controls to the risk profile and healthcare regulations.

End-to-end encryption of medical data from hospital networks to patients’ devices, while preserving the usability of the GoClinic mobile apps and making patients’ lives less stressful.

Soundness of the cryptographic protocol and key management procedures (including the QR code-based key exchange), so that sensitive data cannot be accessed without the required keys.

Problem

The GoClinic system operates within an extensive technology stack and supports numerous mobile apps, a cloud backend and databases. Data protection should be consistent and easily maintainable across all infrastructure components.

Legacy hospital networks require careful integration, isolation of patients’ data, and a fully fledged data lifecycle that stays secure at every stage.

Cryptography and application security: the cryptographic engine should be closely tied to platform-specific security controls.

The security solution should prevent abuse and misuse by hospital staff and “curious patients”.

Solution

We performed a security architecture evaluation and a cryptographic protocol assessment, verified and improved overall application and infrastructure security, and advised on the security roadmap for the GoClinic solution.


Security advisory, security architecture assessment and risk modelling:

We defined a general security roadmap after assessing business risks (via FAIR), compliance demands, industry-standard maturity and systems lifecycle planning approaches (NIST SP 800-160, OWASP SAMM) and potential threats. The roadmap covers the security team’s decision scope, an application security baseline, data and risk classification, security goals and internal security standards.

Based on the security roadmap and the current architecture, we established a detailed risk model, a security model and a plan for improving security measures to create well-rounded data security.

We reviewed the security controls at the architecture, application and infrastructure levels and provided a list of recommendations for improving them.


Cryptographic audit:

GoClinic already featured a solid cryptographic design and clever usage of the Themis cryptographic library. This allowed us to focus on the maintainability and execution security aspects of the encryption layer.

We assessed the cryptographic protocol and key management procedures, modelled attacks and corner cases, and suggested mitigations for the caveats we found.

We verified that Themis is integrated and used correctly with respect to the data flow and the platforms’ limitations.

We provided a set of recommendations on data minimisation and clean-up, key management and memory management, crypto coding guidelines and usage of platform-specific security controls (Google Cloud KMS, integration with the Keychain and Secure Enclave, biometric protection).
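The page names the controls it recommended (Themis end-to-end encryption between hospital and patient, a QR-code-based exchange of keys, Keychain integration, biometric protection) without showing what they look like in code. The sketch below is an added example written for this page; it is not GoClinic’s or Cossack Labs’ code and does not claim to reproduce their protocol. It shows the patient-device side: an EC key pair is generated with Themis, the private half is stored as a Keychain item that can only be read after the currently enrolled biometrics succeed, and medical records arrive as Themis Secure Messages, which can be unwrapped only with that private key and only if they were produced by the holder of the hospital’s private key. Assumptions: the Keychain service name and account are hypothetical; the page does not describe the QR code format, so the public key is simply handed out as base64 text; the Themis Swift API (`TSKeyGen`, `TSMessage`) is used as documented for the Apple `themis` pod/package. One caveat worth stating: the Secure Enclave only holds P-256 keys it generates itself, so a Themis key cannot live inside it; biometric gating of a Themis key is done through Keychain access control, as here.

```swift
import Foundation
import Security
import LocalAuthentication
import themis

// Hypothetical Keychain namespace for this example (not GoClinic's).
let keychainService = "com.example.ehr-client"

enum KeyStoreError: Error {
    case accessControl(CFError?)
    case keychain(OSStatus)
}

/// Store a Themis private key so that reading it back requires a device
/// passcode to be set and the *currently enrolled* biometrics to succeed.
/// `.biometryCurrentSet` makes the item unreadable after biometric
/// re-enrolment, which is the safe failure mode for a decryption key.
func storePrivateKey(_ key: Data, account: String) throws {
    var cfError: Unmanaged<CFError>?
    guard let access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly,
        .biometryCurrentSet,
        &cfError
    ) else {
        throw KeyStoreError.accessControl(cfError?.takeRetainedValue())
    }
    let base: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: keychainService,
        kSecAttrAccount as String: account,
    ]
    // Remove any stale copy so a re-run does not leave an older key behind.
    SecItemDelete(base as CFDictionary)
    var add = base
    add[kSecAttrAccessControl as String] = access
    add[kSecValueData as String] = key
    let status = SecItemAdd(add as CFDictionary, nil)
    guard status == errSecSuccess else { throw KeyStoreError.keychain(status) }
}

/// Read the key back; the system prompts for Face ID / Touch ID. The caller
/// supplies the LAContext so it can set the prompt text and reuse one
/// authentication for several reads within a short window.
func loadPrivateKey(account: String, context: LAContext) throws -> Data {
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: keychainService,
        kSecAttrAccount as String: account,
        kSecReturnData as String: true,
        kSecMatchLimit as String: kSecMatchLimitOne,
        kSecUseAuthenticationContext as String: context,
    ]
    var result: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &result)
    guard status == errSecSuccess, let data = result as? Data else {
        throw KeyStoreError.keychain(status)
    }
    return data
}

/// One-time enrolment on the patient's phone: generate an EC key pair, keep
/// the private half behind biometrics, return the public half for out-of-band
/// delivery to the hospital. The QR code format is not described on the page,
/// so the public key is returned as plain base64 text (assumption).
func enrolPatientKeys(account: String) throws -> String {
    guard let keyPair = TSKeyGen(algorithm: .EC) else { throw KeyStoreError.keychain(errSecParam) }
    try storePrivateKey(keyPair.privateKey as Data, account: account)
    return (keyPair.publicKey as Data).base64EncodedString()
}

/// Hospital side of the exchange, shown only to complete the round trip.
/// Secure Message encrypts for the patient's public key and signs with the
/// hospital's private key, so the patient also learns who sent the record.
func encryptForPatient(_ record: Data, hospitalPrivateKey: Data, patientPublicKey: Data) throws -> Data {
    guard let encrypter = TSMessage(inEncryptModeWithPrivateKey: hospitalPrivateKey,
                                    peerPublicKey: patientPublicKey) else {
        throw KeyStoreError.keychain(errSecParam)
    }
    return try encrypter.wrap(record)
}

/// Patient side: unwrap fails (throws) without the matching private key, and
/// also fails if the message was not produced by `hospitalPublicKey`'s owner,
/// which is the "no access without the required keys" property the audit checked.
func decryptFromHospital(_ encrypted: Data, account: String, hospitalPublicKey: Data) throws -> Data {
    let context = LAContext()
    context.localizedReason = "Unlock your medical records"
    let privateKey = try loadPrivateKey(account: account, context: context)
    guard let decrypter = TSMessage(inEncryptModeWithPrivateKey: privateKey,
                                    peerPublicKey: hospitalPublicKey) else {
        throw KeyStoreError.keychain(errSecParam)
    }
    return try decrypter.unwrap(encrypted)
}
```

Two design points follow from the page’s recommendations. First, the private key is never cached in app state: it is read from the Keychain for each decryption and goes out of scope immediately, which is the "memory management" half of the key management advice. Second, `kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly` keeps the item out of backups and off devices without a passcode, so a restored or cloned phone does not silently inherit the ability to read records.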

Result

The GoClinic team acquired a basis for company-wide and product-specific security policy, a solid security foundation and a development plan for improving their system.

The sustainability of the security architecture, deep integration of security controls and a defined security roadmap allowed the GoClinic team to target not only private hospitals but also governmental healthcare companies, and provided a clear advantage over their competitors.

Improve your system security using our solutions

We help you focus on serving your customers better, while relieving your team from security engineering pains and making your users confident that their data is safe with you.