SIMPLE UNIX ENCRYPTION

Even though one tries to do one's best to work within reasonable guidelines,
there always remains a high personal risk (hard time, big fines) of being
busted by the HIPAA Gestapo.  While the "rights" of pedophiles and serial
killers are being zealously protected at all costs, our own rights as
private citizens are subject to summary revocation by bureaucrats and judges.

So, one should protect oneself (if this is even possible) by making sure that
no Patient Health Information ("PHI") is to be found just for the reading
(i.e., in clear text form) on your computer or as part of any email.

The minumum is the UNIX "crypt" command which can transform clear text
into a digital mush that is at the very least inconvenient to restore
to clear text readability.

First, make sure that the crypt command is available in your search path
with this unix command line entry:

which crypt

Provided that a valid path is returned (e.g., /usr/bin/crypt) then one
will be able to use the crypt command to disguise any file desired
(clear text or otherwise).

Here's the simple command line way to use it interactively:

crypt cleartext.txt >mushtext.cry

The crypt command will prompt for a "key" (i.e., password) which must
then be entered and will be required again later, each time, if
one is to ever have use of that file again.  Note that there is no
implicit magic in the filename extensions chosen for this example.

 CAVEATS: The original file remains unchanged so one must always
          be sure to rm it, leaving only the *.cry version behind.

          The longer and more bizarre the key entered, the more
          secure will be the encryption and thus the probability
          of total secrecy for any PHI with which one may be
          working.  Digits may be used as part of the key.  Upper &
          lower case must later be reproduced exactly as entered:

Good key: 4sa7yaoFbf     (1st 10 words of the Gettysburg Address)
Bad keys: yo key cry duh none

          The key is case sensitive and so must be re-entered exactly
          as the original.  Any key entered incorrectly will not be
          prompted for reentry, but rather will result in the
          immediate display of the raw encrypted file which will
          almost surely make the terminal display go insane.

          While the crypt on any other UNIX box will (should? may?) be
          able to decrypt the *.cry file (provided the correct key is
          entered), there is no crypt on Windows to restore the file.

Here are two simple examples of how to use the encrypted file:

crypt <mushtext.cry | more          # the key will be prompted-for
crypt <mushfile.cry >cleartext.txt  # the key will be prompted-for

Obviously the first example is the most secure.

vi can bring up a crypt-encrypted file for both
viewing and editing if one uses its "-x" option:

vi -x mushtext.cry    # the key will be prompted-for

Note: Vi will save the file in an encrypted state,
      automatically using the very same key as
      entered to load the file.  Sweet.

How to use the info above to HIPAA-proof your life (yeah, sure):

   If the Client wants to show you some PHI, instruct them
   to crypt the datafile (NOT their his_in queue!) and then
   leave it in some out-of-the-way UNIX directory.  CLient
   can phone you with the key needed to decrypt the file.

The reverse strategy would let one provide example PHI
(provided it had first been diligently scrubbed of all
patient-identifying data) to a a professional peer.

EOF