All data in the system is encrypted in transit and at rest. We use Secure Sockets Layer (SSL) encryption for the site and nationally recognized cloud services. A more detailed description of the security measures in place is provided below.
The production systems of the registry are hosted in the S3 Elastic Web service of Amazon Web Services (AWS). Physical access to these data centers is strictly controlled, both at the perimeter and at building ingress points, by professional security staff using video surveillance, intrusion detection systems, and other electronic means. For additional information about AWS’ security, see http://aws.amazon.com/security.
PEER’s approach to security has been to design, express, and enforce security as bounded architectural attributes, shared technical services, and redundant platform operations that are applied at multiple points throughout the service, both procedurally (prompted by the user) and systemically (automatically), rather than only at single points of control such as standard username-and-password authentication or authorization.
The system is encrypted and monitored at each layer, and uses secured HTTPS internally as well as externally. The architecture secures data at the persistence layer and encrypts all data transported between web servers and web browsers; it also incorporates cryptographically randomized pseudonyms, secure API calls for all internal and external web services, and decoupled Identity Provider (IdP) and Identity Verification (IdV) systems. All internal and external API calls within the PEER registry use these secure API calls, and the API security enforces message authenticity, integrity, and confidentiality.
Survey responses and other de-identified data are held separately from personally identifying information and retained on behalf of Genetic Alliance by Private Access. Any column in the Private Access database table for a PEER participant that could conceivably contain individually identifiable health information is encrypted using an encryption algorithm approved in Annex A of FIPS 140-2. This expressly includes (i) the randomly generated foreign user id that Private Access provides for the participant to whom the data pertains; (ii) the identity of the host for that foreign_user_id; (iii) the “source” from which an answer came (e.g., the embed_id that identifies the website hosting the iFrame that contains the PEER Survey Toolkit survey widget); and (iv) any answers provided by PEER participants in free-text fields, as and when used in the PEER Survey Toolkit questionnaire.
PEER works in conjunction with the consent management systems described below to provide access to individual account profiles via the customized PEER system. The security attributes built into Private Access augment the network, system, and platform security designed into AWS’ environment. This architecture secures data at the persistence layer, so that: (i) all personally identifiable information (PII) is encrypted using symmetric cryptographic algorithms; (ii) all data is encrypted within data backups and redundant data services; (iii) as a security measure, no PII is logged or retained in application audit logs; and (iv) no personal information is ever emailed or sent in any notification.
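The column-level encryption of identifying fields described in the two preceding paragraphs, the random pseudonym that stands in for the participant, and the rule that audit logs carry no PII can be demonstrated together in a few dozen lines. The following Go program is an added illustration, not code from PEER, Private Access, or Genetic Alliance; it assumes AES-256-GCM as the symmetric FIPS 140-2 Annex A algorithm, a hypothetical table with the four columns named on the page (foreign_user_id, host, embed_id, free_text), and a constructed key and constructed sample values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// ParticipantRow is a hypothetical row of the survey-response table: identifying
// columns exist only as AES-GCM ciphertext, coded answers stay de-identified.
type ParticipantRow struct {
	Pseudonym    string            // from a CSPRNG, not derived from any PII
	Encrypted    map[string][]byte // column name -> nonce || ciphertext || tag
	CodedAnswers map[string]int    // de-identified survey answers, plaintext
}

// NewPseudonym returns 128 random bits, hex-encoded.
func NewPseudonym() (string, error) {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

// ColumnCipher performs column-level encryption with AES-256-GCM.
type ColumnCipher struct{ aead cipher.AEAD }

func NewColumnCipher(key []byte) (*ColumnCipher, error) {
	if len(key) != 32 {
		return nil, errors.New("AES-256 needs a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &ColumnCipher{aead: aead}, nil
}

// Seal encrypts one value under a fresh random nonce. The column name is bound as
// associated data, so ciphertext moved to another column will not decrypt.
func (c *ColumnCipher) Seal(column string, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return c.aead.Seal(nonce, nonce, plaintext, []byte(column)), nil
}

// Open reverses Seal; tampering or a column mismatch yields an error, not plaintext.
func (c *ColumnCipher) Open(column string, sealed []byte) ([]byte, error) {
	ns := c.aead.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("ciphertext too short")
	}
	return c.aead.Open(nil, sealed[:ns], sealed[ns:], []byte(column))
}

// StoreRow builds the row as it would be persisted. identifying maps a column
// name (foreign_user_id, host, embed_id, free_text) to its plaintext value.
func StoreRow(c *ColumnCipher, identifying map[string]string, coded map[string]int) (*ParticipantRow, error) {
	p, err := NewPseudonym()
	if err != nil {
		return nil, err
	}
	row := &ParticipantRow{Pseudonym: p, Encrypted: map[string][]byte{}, CodedAnswers: coded}
	for col, val := range identifying {
		if row.Encrypted[col], err = c.Seal(col, []byte(val)); err != nil {
			return nil, err
		}
	}
	return row, nil
}

// AuditLine is the only shape an audit-log entry takes: the participant is named
// by pseudonym and no identifying column is ever written to the log.
func AuditLine(event string, row *ParticipantRow) string {
	return fmt.Sprintf("event=%s participant=%s coded_answers=%d",
		event, row.Pseudonym, len(row.CodedAnswers))
}

func main() {
	key := make([]byte, 32) // constructed demo key; production keys live in a KMS
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	c, _ := NewColumnCipher(key)
	row, err := StoreRow(c,
		map[string]string{"foreign_user_id": "user-1234", "host": "peer.example",
			"embed_id": "embed-77", "free_text": "constructed free-text answer"},
		map[string]int{"q1": 2, "q2": 0})
	if err != nil {
		panic(err)
	}
	fmt.Println(AuditLine("survey_saved", row))
}
```

Binding the column name as GCM associated data is the detail worth noting: it means a ciphertext copied from free_text into host fails authentication, so a backup or replica that is "encrypted" in the sense of item (ii) above also resists silent rearrangement of encrypted fields, and the audit line can be joined back to a participant only by someone who holds the key.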