Mount Sinai IT Security

Learn. Protect. Secure.

Encryption Availability & Instructions

BACKGROUND

Extreme care must be taken when Electronic Protected Health Information (EPHI) is copied or moved from a secure server to a local workstation or other form of local storage. There are significant risks involved with working with EPHI not stored on a secure server. HIPAA and other privacy and security considerations must be evaluated when deciding that the information must be copied or moved from a secure server. If after assessing the risks it is deemed necessary to make a local copy of the data, then only the minimally necessary set of data should be extracted

RECOMMENDATIONS

If possible do not store EPHI on the local workstation. Utilize secure server storage whenever possible. If EPHI must be stored locally, then store the minimal set of information necessary to complete the required task. Once the task is completed, delete the locally stored EPHI as soon as possible

Who owns the computer? Computer Type Operating System Encryption Type More Information
Personal Windows Windows 7-10 Professional Bitlocker Link
Mount Sinai Windows Windows 7-10 Professional Mcafee
Mount Sinai / Personal Mac OSX 10 FileVault Link

For USB Flash Drives

USB Drives Several manufacturers of USB Thumb drives now include built in encryption or biometric authentication. Please note that some devices do not support all of the various operating systems in use at the medical center, such as Macintosh and Linux, please refer to the vendor websites for more information.

Apricorn – http://www.apricorn.com/aegis-secure-key.html

Ironkey – http://www.ironkey.com