You must encrypt all ePHI, old and new, at rest & in transit
- Identify all ePHI
- Stored on your computer or servers
- Remember to look for temp files
- Email: Attachments and messages
- Portable storage media & devices
- Smart phones and PDAs
- Paper? Images?
- Securely remove ePHI you no longer need: http://• https://cybersecurity.yale.edu/topic/reuserecycle
- Encrypt what you still need and all new ePHI
- Use the Secure File Transfer tool to transmit or receive.
- Do not transmit or receive ePHI via email except as described in Policy 5123.