Safe Harbor Encryption


The HIPAA Privacy Office is currently working remotely. We may be reached by email ( or by phone (203-432-5919). If you sent us a letter by mail or fax, we will be delayed in responding. Thank you for your patience.

You must encrypt all ePHI, old and new, at rest & in transit

  1. Identify all ePHI
    • Stored on your computer or servers
    • Remember to look for temp files
    • Email: Attachments and messages
    • Portable storage media & devices
    • Smart phones and PDAs
    • Paper? Images?
  2. Securely remove ePHI you no longer need: http://•
  3. Encrypt what you still need and all new ePHI

Please review and familiarize yourself with the Compliance Information and Compliance Requirements. You are responsible for complying with these requirements.