Deploying Philter in a HIPAA Environment
Describes how to deploy Philter in a HIPAA environment.
This is not intended to be a comprehensive or legal HIPAA guide so please refer to your HIPAA compliance or security officer prior to deploying and using Philter in a PHI environment.
Third-party products, such as Philter, launched via a cloud platform's marketplace may not be pre-configured for encryption of data at rest. The steps below outline how to configure a Philter deployment for encryption of data at rest and in motion.
Amazon Web Services
- 1.Stop the Philter EC2 instance.
- 2.Make an AMI of the instance.
- 3.
The created AMI is encrypted. EC2 instances launched from the AMI will utilize an encrypted EBS volume and all snapshots will be encrypted. Refer to the AWS documentation Creating an Amazon EBS-Backed Linux AMI for assistance.
The following steps are the same for both Amazon Web Services and Microsoft Azure.
If using Philter via its REST API:
If launched from the Amazon Web Services or Microsoft Azure marketplace Philter's REST API will be pre-configured with a self-signed certificate. It is recommended you replace the self-signed certificate with a certificate from a trusted certificate authority.
- 1.Log in to the Philter EC2 instance via SSH. (On AWS the username is
ec2-user. On Azure the username iscentos.) - 2.Stop the Philter service:
sudo systemctl stop philter.service - 3.
- 4.Start the Philter service:
sudo systemctl start philter.service - 5.Connect to Philter's API and verify the connection succeeds:
curl https://philter:8080/api/statusand returns HTTP 200 OK.
If using Philter via it's Apache Kafka consumer:
- 1.
- 2.Log in to the Philter EC2 instance via SSH. (On AWS the username is
ec2-user. On Azure the username iscentos.) - 3.Stop the Philter service:
sudo systemctl stop philter.service - 4.
- 5.Start the Philter service:
sudo systemctl start philter.service - 6.Verify Philter is successfully consuming messages from Apache Kafka.