Encrypt your patient / client data to ensure absolute security and privacy within your Toniq database. Once encrypted, no external or third party system should be able to obtain patient details directly or maliciously from the database. You will be protecting their privacy even if your database is stolen.
Data encryption is a method where the information is jumbled up when stored, and can only be read with the appropriate security key to unlock the jumbled data. Toniq software will be able to read the data, because we know the security key, but anyone else or any other software system trying to look at the data or access it directly would not be able to view this data at all, it would just look like a very large random string of characters.
All existing Toniq applications, services, utilities, integrations, and data extracts will continue to function normally after the patient data has been encrypted.
Which patient/client data is encrypted?
Any information that belongs to the patient, or could be used to identify the patient, such as (but not limited to): Name, Phone, Mobile, Email, Address, Drivers licence, Loyalty cards, NHI #, Notes.
I thought my data was already secure?
Toniq has always encrypted logins and passwords that are used and stored within our applications. Performing regular backups, either manually or automated with Toniq Vault also helps keep your data secure. Toniq backups have additional security and password protection to help prevent software from locating and crypto locking them.
However this does not prevent someone outside your business copying or downloading your patient contact details, IF they have managed to gain access to your computer systems e.g. similar to the recent DHB data breach and cyber attack.
Will enabling encryption prevent my database from being crypto locked or held for ransom?
No. Although your Toniq Backups will be safe from a crypto lock ransomware attack. If someone has gained malicious access to your computer systems, they can crypto lock your live database. However they will NOT be able to view/read/download private patient identity information if encryption is enabled.
If you are a victim of a malicious ransomware attack, the most recent Toniq database backup can be restored and used, and we might be able to also restore retail till transactions. Dispensary scripts would likely need to be re-entered where the data is missing between when the attack occurred and your recent (last safe) backup.
Will Toniq encrypt more data in the future?
Yes, we are going to continue encrypting personal and sensitive information stored within the Toniq database with future program updates.
Are there any reasons I should NOT encrypt my patient/client data?
No. However if you have any services or database scripts which are connecting to the Toniq database directly which require patient/client data, and where Toniq is not facilitating the data access or connection. These services or database scripts will no longer be able to access patient/client data.
Are there any alternatives for a service or connection to my patient data?
Yes, Toniq can provide access to third parties via a data API. Access to any API connection will require a collaboration between Toniq and the software service provider and in some cases yourselves.
Can the encryption be switched off?
If for some reason you require the encryption to be switched off, the encryption can be undone.
Encrypt your data
If you would like to encrypt your patient data, and agree to the following, please fill in the form below.
I agree that Toniq will encrypt my patient data to ensure patient data security and privacy is maintained within my Toniq Database. I understand that any third party connection or application that is using the Toniq Database data without an agreement with Toniq is likely to stop functioning after the database is encrypted.
Toniq will continue to maintain existing functionality with all Toniq applications, data extracts and utilities developed and/or maintained within Toniq.