Safe Harbor Encryption

Please review and familiarize yourself with the Compliance Information and Compliance Requirements. You are responsible for complying with these requirements.

You must encrypt all ePHI, old and new, at rest & in transit

  1. Identify all ePHI
    • Stored on your computer or servers
    • Remember to look for temp files
    • Email: Attachments and messages
    • Portable storage media & devices
    • Smart phones and PDAs
    • Paper? Images?
  2. Securely remove ePHI you no longer need
    • PGP secure delete; MacOS secure delete; DBAN
    • Identity Finder (for numeric three-lock records)
  3. Encrypt what you still need and all new ePHI