OneTouch Reveal Software Conflict
OneTouch's Reveal software conflicts with Tidepool Uploader, preventing uploads of OneTouch Verio line meters.
Example of error
OneTouch Reveal's Data Transfer Tool may also pop up and indicate it has completed an upload. This is a sign that this software conflicts with Tidepool Uploader and must be closed to allow Tidepool Uploader to access the Verio meter. Double-check to see if there is an icon in the taskbar for OneTouch Reveal or look to see if anything is running in Task Manager.
Screenshot of OneTouch Reveal software after it has uploaded a glucose meter
By default, OneTouch Reveal Data Transfer Tool is in the user's Startup folder and should be removed to prevent this from being a repeated issue for clinicians.
BitLocker
Bitlocker is encryption technology provided by Microsoft to manage and configure/enforce the use of encryption on storage methods, including local computer storage (disk drives) and removable storage (USB storage).
To prevent data exfiltration of PHI and other sensitive information, in larger enterprises, Bitlocker is used to enforce policies for the use of removable USB drives. Many environments with compliance and security mandates will block the ability to access or write to removable storage completely unless it is recognized as an “approved” device by the operating system.
This poses a specific problem in the case of Tidepool Uploader and OneTouch Verio devices. These devices present to the operating system as a USB storage system mounted as a drive letter (e.g. E:\\LIFESCAN
). Because of the way the device driver is written by OneTouch, Tidepool Uploader requires full access to the device. Even though no data is written to the device, the driver requires that write and read access to it be granted or a permissions error may occur.
Example of error
These policies are controlled via BitLocker Device Encryption settings in Group Policy, under Windows Components. These settings may be set via Domain Group policy or local configuration hardening and will interfere with the organization’s ability to access data on the OneTouch Verio meters.
Specific settings known to be problematic for Tidepool Uploader and OneTouch Verio use:
-
Deny write access to removable drives not protected by BitLocker - Enabled
-
Enforce drive encryption type on removable data drives - Enabled
To check policies applied using gpresult
Command prompt must be run by an administrator level user in Windows using "Run as Administrator" to get all the policy settings.
# Checking for Bitlocker removable devices policies C:\Windows\System32>gpresult /SCOPE COMPUTER /Z | find "BDE" Folder Id: SOFTWARE\Policies\Microsoft\FVE\RDVAllowBDE Folder Id: SOFTWARE\Policies\Microsoft\FVE\RDVConfigureBDE Folder Id: SOFTWARE\Policies\Microsoft\FVE\EnableBDEWithNoTPM Folder Id: SOFTWARE\Policies\Microsoft\FVE\RDVDisableBDE
Reference for the above keys:
📄 Deny write access to removable drives not protected by BitLocker
Read or Write Restrictions on Removable Storage
If BitLocker is not the issue for your organization's environment preventing OneTouch Verio line meter uploads, please consider whether there are read or write restrictions on removable storage enacted that may be preventing Tidepool Uploader from being able to communicate with the meters.
In particular, removable storage policies may interfere with device access for Tidepool Uploader.
In the case below, a group policy has been set to block write or read access to Removable Storage devices. This information was acquired by running the following command with admin rights: gpresult /SCOPE COMPUTER /Z
GPO: Local Group Policy
Folder Id: SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Deny_Write
Value: 1, 0, 0, 0
State: Enabled GPO: Local Group Policy
Folder Id: SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Deny_Write
Value: 1, 0, 0, 0
State: Enabled
While Tidepool Uploader does not require these rights, generally, the OneTouch Verio meters do require this right and we can see this is disabled in the following policy/registry setting:
SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Deny_Write
SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices\{6AC27878-A6FA-4155-BA85-F98F491D4F33}\Deny_Read
Resulting Error
How to list blocking GPO's (Group Policy Objects)
It is possible to get a listing of the applied Group Policies for the computer or user with the Windows gpresult
command.
-
Run Windows Command Prompt. This is best accomplished by an Administrator using elevated rights. Most normal users on Windows domains do not have the required permissions to run the second command.
-
For User policy run:
gpresult /Z
-
For Computer policy:
gpresult /SCOPE COMPUTER /Z