PH Registry Anonymizing Data Upload Utility

The following are prerequisites to be able to install and use this data upload utility:
  • PHMS needs to be installed on the computer that will run this utility and be able to access the database
  • Any firewall must allow outbound TCP connections to port 8437 of host phreg.galsoft.net (66.51.111.41)

Summary

  1. Installation
  2. Configuration
  3. PH Registry Certificates
  4. Inner workings of the utility

Installation

Assuming that PHMS installation is complete and database access is successful, install the PH Registry data upload utility by using the MSI installation package and following the prompts. The installer will configure and start the service. This will upload anonymized PH data to the central registry once a day once configured.

Configuration

PH Upload Utility main configuration's page screenshot

Fig 1. Main configuration page of the service.
These are required settings for the service to function correctly

Main configuration utility page is shown to the right. It contains all the required settings that need to be specified for the utility to function correctly.

  • Hospital ID: Hospital ID is a unique number supplied by the PH Registry administrators
  • Patient Type: PH Diagnosis Patients Only will only send patient data to the central registry that is associated with a valid PH Diagnosis. Patients without a valid PH Diagnosis will be skipped. You may select to send all patient data if your database only has PH patients but not all of them have a specified PH diagnosis entered.
  • Client Certificate Path/Key/Passphrase: Location of the special encryption certificates is entered here. For more information how to obtain these important files, see PH Registry Certificates. You must also supply the passphrase (password) for the private key.
  • DB Username/Password: This is where you should enter the username and password for the PHMS database. You may verify that these values are correct by clicking on the "Number of Patients Estimate" button. This utility uses the same ODBC database connection as PHMS and the PH Registry data upload service. If you receive an error that the data source cannot be found, please (re-)install your PHMS installation on the machine.

The second page of the configuration utility allows each center to opt out from additional fields that will be sent to the registry. Only numeric data fields are sent to the registry with a few exceptions (see last section), so additional opt-outs should not be required.

PH Registry Certificate

The certificate/key pair refers to files that hold setup data for encryption connections. These files may be considered to be special, very long passwords that identify you as a valid supplier of data to the PH Registry. They also play an important role in encrypting the data transfer connection between the local PH database and the central registry.

The recommended procedure for obtaining and using the certificates is as follows.

  1. Create a non-shared, safe folder on the PH database server called PhRegCert
  2. Go to the certificate request page, and generate a certificate request. The certificate request will be automatically forwarded to the PH Registry operator. Make sure you save the Private Key in the PhRegCert folder.
  3. The certificate should arrive in your e-mail after it was verified and signed by the PH Registry staff. Save the certificate file in the PhRegCert folder.
  4. Use the PH Upload Service configuration utility (see Start Menu) to configure the PH Registry upload service specifying the certificate location (step #3) and the private key location and passphrase (step #2)
  5. Verify that the configuration by either restarting the PH Upload Service or waiting a an hour or so. The service will log information and errors in the Event Viewer.

Summary of the inner workings of the PH Registry data anonymizing and upload utility

The job of the data upload utility is to anonymize and upload the data to the central registry. Only anonymous patient data is sent. This is ensured though the following steps,

  1. Patient Id is scrambled with a random salt and passed through a MD5 one-way-hash function. This anonymizes the hospital patient ID while retaining the uniqueness of the record in the data transfer.
  2. Patient birth date (age) has the day removed (reset to 1)
  3. With the exception of medication/allergy/secondary disease name, only numeric data is transfered.

In addition data transfer and PH Registry is protected from rogue data insertion through utilization of Public Key Cryptography for encryption and authentication.