Hacker News new | ask | show | jobs
by pskinner 1125 days ago
HL7v2 is just the schema - the mechanism for sending these messages is normally something called MLLP which is just a simple framing protocol and has no built in security. It is possible to send/receive HL7v2 over other protocols, MLLP is the most common.

Its normal to secure the endpoints via network level security - ipsec etc. HL7v3 transformed into FHIR which is done over HTTPS instead.
2 comments
kckljssyckyc 1125 days ago
or, hear me out, you also blast it unencrypted to the flex pagers your employees don't even use anymore
link
robertlagrant 1124 days ago
It's normal to not encrypt it, in my experience.
link
nradov 1124 days ago
It's really not normal to not encrypt HL7 V2 messages. Every interface that I've seen uses a VPN.
link
robertlagrant 1124 days ago
I'm in the UK in the NHS. Perhaps that's the difference. They just do network lockdowns inside the hospital.
link