APJ Case Study

Thales payShield HSMs help Resonance secure patients’ COVID testing secure patients’ COVID testing information in Australiainformation in Australi

About Resonance Australia

With a pedigree as a PCI compliant Fintech solutions provider protecting sensitive payment data, Resonance Australia offers an innovative technology platform that fuses payment and non- payment data, offering a new approach to secure business data management. Their proprietary in-house technology is highly customisable and configurable, allowing their customers to create an array of unique solutions (products and services) to address each customer’s specific needs and requirements.

Resonance works with corporate and enterprise customers, including financial, hospitality and healthcare industries enabling their customers to create value from their data by providing a seamless integrated environment bringing together data from areas across customer information management, payments, loyalty programs, campaigns, workflow and reconciliation.

Business Challenge

The COVID-19 pandemic introduced a global requirement for all people, in all communities to present themselves for regular testing. Traditional healthcare facilities in Australia were not equipped to handle the volumes of patients, resulting in the establishment of hundreds of drive through testing clinics. These makeshift clinics have been established in car parks and open lots of land with little or no access to conventional infrastructure (shelter, electricity, computers, networking, etc.). Initially the only option was to use paper-based forms and pens to collect patient details, resulting in data transcription errors and mass congestion within the laboratory environment.

With millions of people needing to be tested on a regular and ongoing basis there was an immediate need for an automated, highly secure digital solution providing a high degree of data accuracy, at a reasonable cost with near immediate implementation turnaround time.


The Resonance Stratagem processing technology is perfectly positioned to respond to the COVID-19 business challenge. Stratagem was purpose-built to process large scale, high-volume payment transaction data with the highest levels of security available in the industry. However, the flexibility of the system allowed it to be configured for the processing of other types of sensitive data, making it ideally suited as a tried and tested platform to process millions of patient data records for COVID-19 testing.

Privacy of patient information being of paramount importance, is addressed in Stratagem as data confidentiality is a default feature within the platform enabled via Thales payShield Hardware Security Modules located in multiple hybrid cloud-based data centres specifically for this purpose. Healthcare requirements for privacy of patient information security is eclipsed by the fact that Resonance is a PCI compliant and certified business (via its payment processing operations). The PCI methodologies and business practises have been applied to the security of patient data.

“As a payment processor, we have to keep up with ever changing PCI mandates. Thales’ payShield HSMs has given us the versatility as they have been able to move with the times. Given that we were already protecting customers’ sensitive payment data, we could seamlessly pivot to protect sensitive patient healthcare data in this case.”

Wayne Fagan, Co-Founder and MD, Resonance Australia

Resonance repurposed various building blocks with the Stratagem technology delivering a reliable and highly accurate COVID-19 testing solution within a matter of days.

The COVID-19 solution comprises of:

  • Rugged, highly secure EFTPOS terminals are used by the staff at drive through COVID testing centres, to capture patient’s data. EFTPOS machines were chosen as data entry devices since being highly secure, portable (battery operated), GPRS enabled for data communication while also possessing rubber keys allows the healthcare staff to easily capture the patients mobile number while wearing latex gloves and other PPE (Personal Protection Equipment).
  • Using the EFTPOS terminal device, the healthcare staff enters the patient’s mobile number. The data is pushed to the Stratagem data processor, registering the patient within the system and providing an SMS response to the patient with a verification access code and mobile web link. This use of the mobile number is crucial in creating the purity of patient data allowing a 100% confirmation of the fact that the patient in front of the tester is the person linked to that mobile number. The patient using the verification code can now securely access the web portal and complete the required input data fields (comprising of personal data as well as questions relating to symptoms and reason for testing). Sensitive patient data is encrypted by the Thales payShield Hardware Security Module that is a highly secure and tamper proof (and independently validated under the FIPS 140-2 and PCI HSM certification processes). Successful submission of this data by the patient results in a test number.
  • The healthcare staff member asks the patient for their system generated test number ahead of the actual nasal and throat swab extract. The test number is entered to the EFTPOS terminal resulting in a print out of a label containing all the patient’s key information (test location, patient data, symptoms and laboratory test number) as well as a barcoded laboratory tracking number.
  • Patients’ samples are collected from each test site and delivered to the pathology laboratory for processing.
  • Pathology lab staff scans the barcodes on each test vial that automatically and digitally pulls the corresponding patient data from the Resonance Stratagem system that in turn feeds the data into the appropriate laboratory testing and patient management systems.
  • Once testing is completed, the pathology lab sends the test result via SMS to the patient. All processing from collection to test result can now occur within 12 to 24 hours.

Result & Benefits

Through this new streamlined, accurate and secure digitised patient data collection process, new COVID test sites can rapidly be established allowing the linked pathology laboratory to process large volumes of tests in an automated manner and improve testing turnaround time frames to as little as 12 hours with the following benefits.

Re-purposing highly secure payment processing infrastructure to protect healthcare data

Business Need:

Ability to capitalise on existing technology (Stratagem) to rapidly respond to highly effective solution to manage patient data in a COVID pandemic

Technology Need:

  • Securely handle large volumes of sensitive patient COVID testing data
  • Remotely link the patient’s data record to a laboratory test number for accuracy of reporting
  • Protect sensitive patient data using strong encryption


  • The Resonance Stratagem technology data agnostic processing platform
  • Thales payShield Hardware Security Modules (HSMs)
  • Bank security grade EFTPOS device hardware


  • Innovative technology solution positively impacting the lives of all people in the country
  • World-class encryption implementation capable of supporting volume processing with unlimited growth potential
  • Robust and highly secure
  • Improving and streamlining pathology COVID testing process by:
    • Digitising and securing patients’ data
    • Eliminating paper-based data collection and any transcribing errors

Currently processing 1,000,000 tests monthly

20% reduction in processing a patient in the field

74% reduction in laboratory capture and processing time

ZERO errors in patient data collection

ZERO patient calls to call centre seek missing results due to incorrect mobile numbers

About Thales

The people you rely on to protect your privacy rely on Thales to protect their data. When it comes to data security, organizations are faced with an increasing number of decisive moments. Whether the moment is building an encryption strategy, moving to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.

Decisive technology for decisive moments.

Related posts

Fujitsu and KCWB co-develop an AI-based drawing screening system


Canon India with JIM enhances its Training Program Under Skill India Initiative


Toshiba Unveils feature rich C350NP Smart Google TV at INR 26,999