Encryption and Key Management for Health Care Data

More than 70 percent of reported health care breaches – a staggering 15.6 million medical records – are due to lost, stolen or improperly disposed of devices. Unencrypted regulatory data on servers, notebooks and mobile devices and improper key management in cloud environments can lead to millions in fines and permanently damage a health care provider’s reputation.

Don’t take that risk. Gazzang zNcrypt for Health Care™ can help you ensure the availability, integrity and confidentiality of your electronic protected health information (ePHI) whether the data resides on premises or in the cloud.

zNcrypt transparently encrypts and secures Linux data at rest without any changes to your applications or database and ensures there is minimal performance lag in the encryption or decryption process. Advanced key management with Gazzang zTrustee™ and process-based access controls enable organizations to meet compliance regulations and ensure unauthorized parties never gain access to the encrypted data.


Transparent data encryptionzNcrypt File Level Encryption

  • High-performance data at-rest protection of all databases, applications or files running on Linux
  • Helps enable compliance with HIPAA-HITECH, PCI-DSS, FISMA, EU Data Protection Directive and other data security regulations

Advanced key management with Gazzang zTrustee™

  • Stores keys separate from the encrypted data to ensure a data breach does not also result in the loss of the cryptographic key
  • Enforces a broad range of policies for object authorization, expiration, revocation, retrieval limits and more

Process-based access controls

  • Restricts access to specific, authorized processes
  • Limits data availability to only those who need it
  • Hierarchical process controls provide maximum flexibility and control

Simple installation and configuration

  • Simple .deb and .rpm installation
  • Available through automation tools including Chef and Puppet
  • Requires no changes to databases, files, applications or storage

Support for multiple encrypted mount points with individual keys

  • Provides better data segregation and multi-tenant storage by allowing different user groups to define their own key policies
  • Enables organizations to easily add encrypted storage volumes without downtime

Dynamic Kernel Module Support (DKMS)

  • Supports virtually any Linux kernel version, ensuring maximum uptime for customers during a security patch or kernel modification
  • Delivered via RPM and Debian packages


  • Simple integration with various security and event management systems, including Gazzang zOps™
  • Helps meet certain regulations for the protection of confidential data