Encrypted Disk Groups

Summary

Encrypted Disk Groups provides an additional layer of security for content stored in the OnBase Disk Groups. Documents are automatically AES 256-bit encrypted as they are imported into OnBase, becoming indecipherable when retrieved outside of the system. Even within OnBase, these files are accessible only to permissioned users, further decreasing risk of exposure. Encrypted Disk Groups facilitates compliance with industry regulations, such as HIPAA Protected Health Information (PHI) and the Payment Card Industry (PCI) Data Security Standard (DSS), enhancing the security of patient records and cardholder data. Encrypted Disk Groups provides the necessary tools to securely store digital documents—preventing costly security breaches and keeping you and your documents safe.

Benefits

  • Supports compliance initiatives through the encryption of documents within OnBase Disk Groups
  • Protects sensitive documents on the file server in the event of a security breach
  • Reduces risk of exposure if Disk Groups are compromised by ensuring documents remain secure
  • Decreases costs associated with audits and fines imposed for non-compliance
  • Promotes a consistent security strategy through Disk Group encryption

Design

Encrypted Disk Groups encrypts documents as they are stored in Disk Groups on the OnBase file server, using the 256-bit AES (Advanced Encryption Standard) algorithm. Decryption occurs when documents are opened by authorized users in OnBase, allowing only permissioned users to access secured files. Outside of OnBase, queries to the file server will return an unreadable file rather than the document content.

Applications

  • PCI Compliance: The Payment Card Industry (PCI) Data Security Standard (DSS) imposes strict requirements on all organizations that process, store or transmit credit or debit card numbers. These guidelines require credit and debit card numbers to remain protected and must be stringently followed in order to pass PCI compliance audits. Organizations that fail to comply with these regulations are prohibited from accepting new customers and may be forced to completely discharge customers interacting with the non-compliant portion of the organization.
  • Financial Services: Credit unions, banks and other institutions in the finance industry commonly store documents that contain sensitive account information. Loan applications, account statements and trade confirmations are just a few examples of documents that include personal, confidential content. Encrypting these files shields private data from unauthorized access, and protects both the customer and the organization in the event of a security breach.
  • Healthcare: Hospital organizations maintain electronic medical records, which must simultaneously remain easily accessible to both patients and staff, yet secure from unauthorized access. Protecting information contained in sensitive documents supports both organizational compliance and patient confidentiality by eliminating the risk of exposing private documents.
  • HIPAA Protected Health Information (PHI): Whether you work in healthcare, insurance or human resources, if you handle private health information you are responsible for keeping it protected. Encrypting documents as they are imported into OnBase guarantees that the information remains secure and confidential.

Interface

 

Simple configuration enables Disk Group encryption