Secret Locker

July 21, 2023
I need to trust that my personal information will be protected and kept confidential. As a patient, the privacy and security of my medical data is not just a concern, it's a fundamental right.

Security & Privacy

Security and privacy are of the utmost importance when handling users' data, especially when dealing with sensitive and personal information like health data.

Eka Care is built and developed with the principle that users should have complete control and ownership over their own data. We prioritize the protection of users' data with the highest security measures, both on Eka Care's cloud and on the user's device.

Eka Health Locker

Over 5 million users use Eka Care Health Locker to store their medical records. Medical records in Health Locker are stored in the Eka Care cloud with strong security using Server Side Encryption (SSE-S3). These records can only be accessed by two entities:

  1. Internet-reachable machines, protected by user authentication, which serve the record over an SSL connection when the user accesses it in the app.
  2. A set of AI machines, unreachable over the internet, which give valuable insights to the user (Smart Reports, longitudinal trends of medical vitals over a period of time, etc.).

Secret Locker

Why Secret Locker?

At Eka Care, we understand and acknowledge that some medical records may contain sensitive information that a user may not want to be accessed even by our AI machines.

A simple toggle in the user interface, which allows users to switch on and off access to certain records, is not enough to fully solve the problem of protecting sensitive medical information. While machines may technically adhere to the toggle, they still have the capability to read the records in theory.

So the solution is not just adherence in word, but removal of the capability itself. In line with our core belief of giving users complete control over their data, we have implemented a feature called Secret Locker to address this need. This feature allows users to securely store and protect their most sensitive medical records.

So how does a Secret Locker address this?

The Secret Locker on Eka Care is a combination of a secure health locker and advanced encryption of records on the user's device. The encryption key is only known to the user and stored on their device, ensuring the highest level of security for sensitive medical information.

This means that the encrypted records are unreadable, not only by our AI machines but also by anyone outside of the user's device.

Tech & Design

Any record that is added to the Secret Locker is encrypted with a highly secure algorithm (AES 256-bit symmetric encryption) on the user's device and then transmitted to the Eka Care cloud for backup purposes.

The backup to the Eka Care cloud helps users in two ways:

  • Free cloud storage (frees the user's phone of the disk space needed to store records).
  • Recovering records when switching to a new device (even more important when the original device is no longer accessible).

The encryption used is highly secure and uses a locally generated key that is provided to the user. The user should store or note down the key in a safe place of their choice, whether it be digitally or non-digitally.

When the records are accessed on the same device, the encryption key is automatically retrieved from the device's storage (such as an iOS keychain) and used to decrypt the records, allowing the user to view them in the Secret Locker.

The key provided during the initial setup is essential for decrypting the records stored in the Secret Locker; without it, the records remain encrypted and unreadable. It is the user's responsibility to store the key in a safe place and bring it along when migrating to another device.
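The flow described above, encrypting on the device, backing up only ciphertext, and recovering on a new device from the 12 words, can be sketched as follows. This is an added example, not Eka Care's code: the page does not say how the 12 words relate to the AES key or which AES mode is used, so the scrypt derivation, the GCM mode, the per-locker salt, the blob layout, all function names, and the sample phrase are assumptions.

```javascript
// Added illustration, not Eka Care's code. Assumed: scrypt as the KDF,
// AES-256-GCM as the mode, blob layout nonce(12) || tag(16) || ciphertext.
const nodeCrypto = require('crypto');

// Canonicalise the typed phrase so case and spacing slips do not change the key.
function normalizePhrase(phrase) {
  return phrase.normalize('NFKD').trim().toLowerCase().split(/\s+/).join(' ');
}

// Stretch the 12-word phrase into a 256-bit key. The salt is not secret and
// can be backed up next to the ciphertext.
function deriveKey(phrase, salt) {
  const words = normalizePhrase(phrase);
  if (words.split(' ').length !== 12) throw new Error('expected 12 words');
  return nodeCrypto.scryptSync(words, salt, 32, { N: 16384, r: 8, p: 1 });
}

// Encrypt on the device. recordId is bound as associated data, so a blob
// moved onto a different record fails authentication.
function encryptRecord(key, recordId, plaintext) {
  const nonce = nodeCrypto.randomBytes(12); // fresh nonce for every record
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(recordId, 'utf8'));
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// Decrypt after download. Throws if the key, recordId or blob is wrong.
function decryptRecord(key, recordId, blob) {
  if (blob.length < 28) throw new Error('blob too short');
  const decipher = nodeCrypto.createDecipheriv(
    'aes-256-gcm', key, blob.subarray(0, 12), { authTagLength: 16 });
  decipher.setAAD(Buffer.from(recordId, 'utf8'));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Constructed sample data, for the demonstration only.
const SAMPLE_PHRASE = 'amber canal drift ember fable grove harbor ivory jungle kettle lantern meadow';
const SAMPLE_SALT = Buffer.from('000102030405060708090a0b0c0d0e0f', 'hex');

// Old device encrypts; a new device holding only phrase, salt and blob decrypts.
function demo() {
  const record = Buffer.from('HbA1c 6.1% (constructed sample record)', 'utf8');
  const blob = encryptRecord(deriveKey(SAMPLE_PHRASE, SAMPLE_SALT), 'rec-001', record);
  const typed = '  Amber canal DRIFT ember fable grove harbor ivory jungle kettle lantern meadow ';
  const restored = decryptRecord(deriveKey(typed, SAMPLE_SALT), 'rec-001', blob);
  return { blob, restored: restored.toString('utf8') };
}
```

The server in this sketch only ever stores `blob` and the salt, so decryption with a different phrase fails the GCM authentication check instead of returning garbage.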

Figure: Store new record in Secret Locker

Figure: View Encrypted Record Fetched from cloud

I understand, you are convinced and ready to proceed. Here is the guide on how to create a Secret Locker.

Create Secret Locker in 3 steps

Step 1: To generate a key for your Secret Locker, click on the icon located in the top right corner of the medical records screen and click the "Generate Key" button.

Step 2: Store the 12 random words generated (on paper or digitally, as you choose). This step is extremely important. (Refer to the recovery flow to understand this further.) The downloaded QR code is an easy way to scan with the camera and recover records in the recovery scenarios discussed.

Step 3: Once you have stored the generated words, click on "Proceed" and then the "Create Locker" button. That's it, your Secret Locker is now set up and ready to use.

Records Recovery in 2 Steps

In the following two scenarios, your device will not have the ability to decrypt your records:

  1. When you reset your current device
  2. When you move to a different device

The only way to regain access to these records is through the recovery key (12 words) or QR code that was provided during the initial setup.

Step 1: Click "Unlock With Key"

Step 2: Scan the QR code or click "Enter Key Manually" and enter the 12 words correctly to regain access to your encrypted records.

Lost Recovery Key? No Way to Access Records

If you have lost the key, the records stored in the Secret Locker, even if they are backed up in the cloud, will be unreadable as they are encrypted with a key that only you have access to. Without the key, the records cannot be decrypted.

To create a new Secret Locker, you can use the "Forgot your Unique Personal Key?" button; this will take you through the process of generating a new key and creating a new Secret Locker. Keep in mind that all the data stored in the previous Secret Locker will be lost and cannot be recovered without the previous key.

Wondering why not Exclusively Use the Secret Locker?

By using only the Secret Locker, you will not be able to take advantage of the additional features and insights offered by the Normal Health Locker such as smart reports and long-term trends of medical vitals. These features are not available in the Secret Locker.

It's a trade-off that you need to consider.

The Normal Health Locker is just as secure as the Secret Locker; the only difference is the point of encryption.

We recommend that you use the Secret Locker feature judiciously and make an informed decision about which records you consider extremely sensitive and want stored in the Secret Locker.

Excited to create a Secret Locker for yourself? Click on Download Eka.Care app to download or update to the latest version of the app.

Note: Currently, this feature is only available on iOS, but it will soon be available on Android as well.