bbRad security

Data transfers between bbRad Gateways, and between gateways and bbRad.net are always encrypted.

The data itself - attached files, reports, or image data - are always encrypted using AES256 to the recipient's public key. This means that the data is encrypted end-to-end, so it is not decrypted until safely on the recipient hospital's network - not even within our secure bbRad.net data centre.

The transfer is done using Secure FTP - bbRad uses the latest Secure FTP protocol called Explicit FTPS, also known as FTP over SSL/TLS. This means that hospitals do not need to make any firewall rule changes beyond enabling FTP. As at bbRad Version 2.13, only the Control Channel is encrypted, but an option to also encrypt of the Data Channel is scheduled for bbRad Version 2.14.