Mount Sinai IT Security
Learn. Protect. Secure.
Encryption Availability & Instructions
BACKGROUND
Extreme care must be taken when Electronic Protected Health Information (EPHI) is copied or moved from a secure server to a local workstation or other form of local storage. There are significant risks involved with working with EPHI not stored on a secure server. HIPAA and other privacy and security considerations must be evaluated when deciding that the information must be copied or moved from a secure server. If after assessing the risks it is deemed necessary to make a local copy of the data, then only the minimally necessary set of data should be extracted
RECOMMENDATIONS
If possible do not store EPHI on the local workstation. Utilize secure server storage whenever possible. If EPHI must be stored locally, then store the minimal set of information necessary to complete the required task. Once the task is completed, delete the locally stored EPHI as soon as possible
| Who owns the computer? | Computer Type | Operating System | Encryption Type | More Information |
|---|---|---|---|---|
| Personal | Windows | Windows 7-10 Professional | Bitlocker | Link |
| Mount Sinai | Windows | Windows 7-10 Professional | Mcafee | |
| Mount Sinai / Personal | Mac | OSX 10 | FileVault | Link |
For USB Flash Drives
USB Drives Several manufacturers of USB Thumb drives now include built in encryption or biometric authentication. Please note that some devices do not support all of the various operating systems in use at the medical center, such as Macintosh and Linux, please refer to the vendor websites for more information.
Apricorn – http://www.apricorn.com/aegis-secure-key.html
Ironkey – http://www.ironkey.com