Stradus

Stradus has been designed with security in mind first. It is designed to protect the privacy of all the patient data as well as to protect the integrity of the data and to keep the customer networks secure.

Stradus local server software

At the location where the images are acquired Stradus local server software is installed on a Windows PC or server running on Windows 7/Windows Server 2008 or newer. The Stradus local server software serves as the local PACS server and uploads the images from the modalities (CT, MRI, CR, DR etc.) to the central offsite Stradus cloud servers. The Stradus local server software serves as a Dicom receiver and uploads the encrypted data to the offsite Stradus cloud servers.

Customer network protection

The Stradus solution has been designed to easily integrate in any network environment without needing changes to the network settings. For Stradus you do not need to open any network ports or firewalls towards the internet. This keeps your network safe. From a networking perspective it simply works as a client connecting to the central offsite Stradus cloud servers, comparable to a web browser uploading data. Therefore, no DMZ is needed.

Data encryption at rest

All data (potentially) containing information that could identify a patient is encrypted at rest on the central offsite Stradus cloud servers. Encryption is currently done with a 4096 bit key and the SHA512 algorithm. This industry standard state of the art encryption is projected to keep the data safe in to the far future.

Data encryption during internet transfers

Stradus uses industry standard (SSL/TLS) encryption when transferring any data over the internet. Using this technology has several goals:

1. Identity. This makes sure that when customers connect to the offsite Stradus cloud servers they can be sure they are really connected to the Stradus servers and not connected to servers from any other parties.
2. Confidentiality. This makes sure that no third parties can listen to the data being exchanged.
3. Integrity. This makes sure that the data cannot be modified intentionally or unintentionally by any third party.

Physical data security

The data stored on the central offsite Stradus cloud servers is managed by Microsoft (Microsoft Azure). Microsoft runs several extremely large data centers worldwide as part of their Azure offering. These datacenters follow the very best practices regarding security. A detailed overview of the security approach of the Microsoft azure data centers can be found in an extensive white paper.

Safe viewing of the images over the internet

The viewing of the images over the internet is done in the browser via the HTTPS protocol over the industry standard 443 port. So if users can access the internet already no further configuration is needed. A working internet connection combined with the Google Chrome browser is sufficient to securely view images from anywhere.