EBME Forums Forums Maintenance Technical Assistance Working with encrypted memory sticks/ flash drives

USB memory sticks or flash drives have become a fact of life over the past few years so much so that many NHS workers wear them round there neck. Manufacturers of all sorts of different kinds of medical equipment have been using them for image and data transfer until the introduction of encrypted sticks

Can anyone tell me if the type of encrypted memory being introduced by NHS trusts is universal across the UK and if so how these can be integrated to work with ultrasound scanners to save images and patient data. Any help would be greatly appreciated. Thanks.

What makes you think it's going to be encrypted?

1/ The user told me it was and said it was desperately slow
2/ The stick markings suggested it was
3/ The scanner couldn't see it when it was plugged in

Not sure what it is you're trying to do there. Was the data harvested from the same scanner? When the user said "desperately slow", what was s/he trying to do, I wonder (if the scanner couldn't see the data anyway)?

More information required from the user, I should imagine!

We were trying to transfer some images that were saved on a laptop style ultrasound scanner to a USB flash drive. In that specific hospital they are only allowed to use the provided encrypted sticks which it seems can't be used by devices that are not ready for them. It looks as though they might only work from Pc to PC and not device to PC. Perhaps this encryption idea idea hasn't been thought through all the way.

I think the user was suggesting that as the encription process was done on the fly it was slowing things down.

Or, to put a "positive spin" on things ... it sounds as if the encryption is doing what it's supposed to do! That is, preventing unauthorised use of the data!

Supposedly there's no problem in using the data held on the encrypted stick with the original laptop scanner? Or is that the root of the problem (you can't save the data at all ... to the special sticks, that is)?

Of course (and as you suggest), whether the data needs to be encrypted at all is a policy question for the hospital concerned. Has the user had any joy using "plain" sticks, I wonder?

I think the problem is they are not supposed to use plain sticks anymore.

I am hearing today from elswhere that unencrypted sticks might be allowed in special circumstances. An IT Dept. might issue a certain type of unencrypted stick with a serial number that is known to one particular PC. This PC would recognise the stick and allow images to be downloaded.

So that might be a work around.

Contact your IT security person within your trust should be your first call.

As for the encryption stick, if it is a windows based operating system on the scanner it should pick it up but you may have to contact the manufacturer to get the access to install it.

There is not an easy way to do any of this.

Your security bod is the best place to start.

Good luck

I think I'm not grasping the full story here (excuse me for being a bit thick) ... are we saying that the encryption takes place in the stick itself (that is, as and when the raw data is copied to it)?

And then once it's safely locked away inside the stick, you need some sort of access key number (or whatever) to be able to retrieve it. Is that it?

So (assuming that to be the case), each device (PC etc.) wanting to use that data would need software installed to be able to access it, would they not? And then ... is the reverse process (the decryption) carried out in the stick (I guess so), or on the retrieving device?

My hacker instincts have been aroused! I wonder what (how good) this encryption actually is. Could it be just a simple flipping of the bits?