Philter
Philter
Mountain Fog
Philter
Introduction
Introduction
What is Philter?
Quick Start
Example Uses
Philter Enterprise Edition
Filtering
Sensitive Information
Contexts and Document Identifiers
Filter Profiles
API
API
SDKs
Configuration
Settings
Other Features
Consistent Anonymization
Replacements Store
Monitoring and Management
Management
Metrics
Logging
Solutions
Apache NiFi and Philter
Monitoring Philter in AWS
Managing Philter’s Configuration in an Auto-Scaling Environment
Deploying Philter in a HIPAA Environment
Consistent Anonymization with Redis
Deploying Philter via an AWS CloudFormation Template
Using AWS Kinesis Firehose Transformations to Filter Sensitive Information from Streaming Text
Using Philter with Microsoft Power Automate (Flow)
Links
Philter
Mountain Fog
Philter on AWS
Philter on Azure
Philter on Google Cloud
Powered by GitBook

Deploying Philter in a HIPAA Environment

Describes how to deploy Philter in a HIPAA environment.

This is not intended to be a comprehensive or legal HIPAA guide so please refer to your HIPAA compliance or security officer prior to deploying and using Philter in a PHI environment.

Before Philter can be used in a HIPAA-controlled environment there are configuration changes that must be performed. Products launched via the AWS or Azure marketplaces are not pre-configured for encryption of data at rest. The steps below outline how to configure a Philter deployment for encryption of data at rest and in motion.

Encryption of Data at Rest

Amazon Web Services

  1. Stop the Philter EC2 instance.

  2. Make an AMI of the instance.

  3. Make an encrypted copy of the AMI in step 2.

The resulting AMI is encrypted. EC2 istances launched from the AMI will utilize an encrypted EBS volume and all snapshots will be encrypted.

Encryption of Data in Motion

The following steps are the same for both Amazon Web Services and Microsoft Azure.

If using Philter via its REST API:

If launched from the Amazon Web Services or Microsoft Azure marketplace Philter's REST API will be pre-configured with a self-signed certificate. It is recommended you replace the self-signed certificate with a certificate from a trusted certificate authority.

  1. Log in to the Philter EC2 instance via SSH. (On AWS the username is ec2-user. On Azure the username is centos.)

  2. Stop the Philter service (sudo service philter stop).

  3. Edit Philter's configuration to utilize an SSL certificate.

  4. Start the Philter service (sudo service philter start).

  5. Connect to Philter's API and verify the connection succeeds (curl https://instance-dns/api/status) and returns HTTP 200 OK.

  6. Remove port 8080 from Philter's EC2 or Azure security group.

If using Philter via it's Apache Kafka consumer:

  1. Your Apache Kafka broker(s) must be configured to accept secure connections from clients.

  2. Log in to the Philter EC2 instance via SSH. (The username is ec2-user and use the private key file from AWS.)

  3. Stop the Philter service (sudo service philter stop).

  4. Edit Philter's configuration to specify the certificate to use to communicate with Apache Kafka.

  5. Start the Philter service (sudo service philter start).

  6. Verify Philter is successfully consuming messages from Apache Kafka.

Related Links

Solutions - Previous
Managing Philter’s Configuration in an Auto-Scaling Environment
Next - Solutions
Consistent Anonymization with Redis
Last updated 3 weeks ago
Contents
Encryption of Data at Rest
Encryption of Data in Motion
Related Links