→ Slides doi: 10.7490/f1000research.1112735.1
, Indiana University Abstract
One of the major users of bioinformatics pipelines is the medical field. This poses a challenge for system administrators and software developers who provide web-facing services - securing the client's data. Certain data sets in genomics can be considered sufficiently identifiable and thus qualify as electronic protected health information (ePHI), which is then further protected by HIPAA (Health Insurance Portability and Accountability Act).
This talk will be an outline of hurdles associated with making Galaxy robust in a clinical setting. Best practices leverage a two-tiered approach at both operating system and application layers. Initially, systems configuration will be explored including least privilege for service accounts and database users, encryption of files, and system access. Later, best uses of Galaxy will be highlighted as they apply to moving data, storage, and account policies, following a rigorous NIST-based cyber risk management framework.