Safe Harbor Encryption


ANNOUNCEMENT

The HIPAA Privacy Office is currently working remotely. We may be reached by email (hipaa@yale.edu) or by phone (203-432-5919). If you sent us a letter by mail or fax, we will be delayed in responding. Thank you for your patience.


You must encrypt all ePHI, old and new, at rest & in transit

  1. Identify all ePHI
    • Stored on your computer or servers
    • Remember to look for temp files
    • Email: Attachments and messages
    • Portable storage media & devices
    • Smart phones and PDAs
    • Paper? Images?
  2. Securely remove ePHI you no longer need: http://• https://cybersecurity.yale.edu/topic/reuserecycle
  3. Encrypt what you still need and all new ePHI

Please review and familiarize yourself with the Compliance Information and Compliance Requirements. You are responsible for complying with these requirements.