Security Question - Githubissues

GoogleCloudPlatform / mllp

The MLLP (Short for "Minimal Lower Layer Protocol") adapter is a component that runs on GKE (https://cloud.google.com/kubernetes-engine/), receives HL7v2 messages via MLLP/TCP, and forwards messages received to Cloud HL7v2 API.

Apache License 2.0

68 stars 29 forks source link

Security Question #22

Closed cunninghamb505 closed 3 years ago

cunninghamb505 commented 3 years ago

More of a question for on premise setup. Does this send HL7 via HTTPS to the GCP cloud? Do we need to use a VPN if its already sending via HTTPS? Thanks

paulchurch commented 3 years ago

Yes, the adapter communicates to GCP over HTTPS. The documentation suggests a VPN primarily for the MLLP side of the connection which is unencrypted.

There could be other network security considerations, for example making sure the adapter does not communicate with anything other than the correct GCP endpoint, but a VPN is not needed for encryption.