The following protocols are used by the ChartMaker® Clinical and associated applications:
The ChartMaker® Clinical application retrieves and stores data using Microsoft SQL Server or SQL Server Express. Microsoft SQL Server is configured to use TCP/IP Sockets communicating over the default port 1433. SQL Server accepts ODBC connections from client workstations throughout the customer’s practice over this connection. All ODBC connections are authenticated prior to granting access to the data inside each SQL Server database.
All TCP/IP traffic is contained to the local network for most installations and is secured by a hardware firewall at the internet gateway level. Our routers are configured to use SUA NAT and a hardware firewall to secure the client’s network and only allow explicitly defined traffic into the network. Our gateway firewall policy is to drop all WAN LAN traffic unless explicitly allowed via NAT and firewall rules.
Where client workstations and the STI Application Server are at separate locations, an encrypted hardware IPsec VPN tunnel is established using the gateway routers to encrypt communications from end to end. The tunnel is negotiated using a randomized pre-shared key and is encrypted using 3DES with the SHA1 authentication algorithm. Please see screenshot below for VPN configuration.
Users of ChartMaker® Clinical are allowed to connect into the system from remote sites using Microsoft Terminal Services. When specified by the customer, STI Computer Services configures Microsoft Terminal Services on a dedicated Windows Terminal Server in order to provide remote connectivity. When using Terminal Services the end user experience is similar to those of the users who are running on the local network depending on the speed of their Internet connection. Terminal Services utilizes port 3389 by default and uses Microsoft’s Remote Desktop Protocol (RDP).
Printer configurations are performed as standard TCP/IP printer installation. For installations where a driver is required, the requisite software is downloaded from the manufacturers’ website and installed locally on each workstation. For USB printers that require network capabilities, an HP Jet Direct may be installed as well. The most common network port used by this installation is 9100.
Scanners sold by STI to be used alongside our Clinical application are manufactured by Fujitsu and are not TCP/IP capable. The scanner is installed via USB cable to a dedicated scanning workstation and a copy of Nuance Paperport is installed to manage scan quality and scan destination. Once a document is scanned and verified, the image is inserted into a patients chart using a function within our Clinical application, where it is converted and moved to its permanent location on our application server.
Remote support to our clients is provided using a client initiated support module downloaded from the sticomputer.com website. The client initiates a connection to a secured repeater at our office by clicking the executable and is then prompted to enter a one-time session ID. The corresponding session ID is typed in by the technician taking that particular support call and a secured connection takes place. As this is using a LAN to WAN traffic request, typically this requires no outbound firewall modification to support. If all outbound ports are blocked as part of a broader network security strategy, we request that port 5500 be allowed to transmit traffic to two designated IP addresses at our company locations.
Lab bridges are installed at a clients’ location on their application server. This service is run under the local system account and uses a configurable port number (a common port is 8088) which makes a socket connection on that port to a lab supplied computer within the client’s local network. The office staff will key in an order request on this machine and hit “Bridge”. This bridge request returns demographic data and insurance information to the lab supplied machine, via the socket above, which then establishes communications to its parent company and sends the order. Once the lab request has been uploaded from the patients’ site to the lab vendor and processed, it’s then transferred via another VPN tunnel to our Health Portal, where it’s stored until being downloaded via a scheduled task on our application server, which is described below. The data format within SureScripts messages is defined by STI and formatted using SOAP and XML, while lab results use the HL7 formatting protocol.
Billing data is transmitted by the following means:
FTP. For FTP transmissions, Filezilla is installed
and configured for the client. These vary by carrier and can be FTP (port
21), SFTP (Port 22), FTP/ES (port 2100). The
connections to the insurance providers are configured per their specifications
and the client is instructed on how to upload the billing data file from
their local PC and download pending reports and ERA files utilizing the
Filezilla client.
HTTPS. For HTTPS connections on port 443, a web
browser session is launched and the user is instructed to login via a
user name provided by the carrier. The customer is instructed on how to
login to the carrier, browse to the billing file and upload it to the
carrier as well as download any waiting reports \ ERA files.
Dial Up. For carriers still requiring dial up access to do modem billing, we configure our Practice Manager application to dial the correct carrier after a billing batch is automatically generated for that particular insurance provider. The carriers all have unique user login and passwords for each provider associated with them, which is input by our software. The dialup protocol used is Z-modem Asynchronous.
There is one process configured to run on the Application Server used to exchange PHI data across the Internet. It is configured to run under a domain account designated for running services (aka a service account). This service account is given read-write privileges to the database. The STI Health Portal Client Service is used for transmitting and receiving electronic prescriptions, retrieving first databank information, checking for prescription eligibility, downloading drug formulary and downloading completed lab results delivered by lab partners to our Health Portal.
To ensure data security and remote node authentication, a separate set of credentials, unique to each customer, are configured by STI support staff on each client’s application server for authenticating the client-side services when it interacts with the STI Health Portal. These credentials are stored in an encrypted form. All communication with the STI Health Portal uses TLS 1.0 using 128 encryption over HTTPS (on port 443) to ensure both secure communication and an authenticated host. At no point is any PHI data or credentials broadcast in clear text or over an unsecured channel. The health portal service is only allowed to connect to the DNS name healthportal.sticomputer.com, which is maintained on a secured name server.
Once authenticated on the STI Health Portal, the above credentials are used to authorize a given transaction (i.e. send a prescription on to SureScripts, retrieve lab results queued up for that customer). The credentials are pre-configured on the STI Health Portal to match those supplied to the service during the above configuration. Lab Results are associated with only one set of customer credentials and can be retrieved only by a transaction using those credentials. Should network security at a client location disallow LAN to WAN traffic, an exception for port 443 needs to be made to allow traffic to the DNS address healthportal.sticomputer.com.
