Encryption Rules - A Summary
- All health sciences faculty and staff members must complete the annual health sciences encryption training module. You can find the training in the LMS system here https://hrit.utah.edu/lms
- All department-owned laptops must be encrypted.
- All department-owned desktops must be encrypted.
- All portable devices used to store, backup, or transport university data must be encrypted.(this includes thumb drives, flash drives, external usb drives, and time machine backup drives) If your device does not require a password to access the data on it, contact the IT staff ASAP for a replacement.
- All E-Mail containing PHI / Sensitive Data must be encrypted. This means that it must be sent from your university e-mail account (u-mail) and you must include the term PHI in the subject line.
- All ITS managed computers have a program installed that blocks data writing to non-encrypted drives. The program will only allow data to be written to approved encrypted drives.
- Department owned Phones and Tablets need to be encrypted and managed.
- All personally-owned computers used to conduct University business must be encrypted at the expense of the owner. These computers must be encrypted even if you only access u-mail or the applications portal from home. We would prefer that you use a department owned computer instead.
Personally-Owned computer encryption guidance.
Pediatrics IT staff cannot encrypt personally owned computers. If you are not capable of encrypting it on your own, you should take it to your own computer repair guy or take it to a company like BestBuy or Staples.
The type of encryption software used depends on what kind of computer you have. There are guides all over the internet on how to encrypt your computer. The table below shows some of the free options for encrypting personal computers.
|Type||Operating System||Free Options|
|PC||Windows 7 Home, Pro||TrueCrypt|
|PC||Windows 7 Ultimate||TrueCrypt or Windows Bitlocker|
|PC||Windows 8/10||must upgrade to pro|
|PC||Windows 8/10 Pro||Windows Bitlocker|
|Apple||OSX 10.7 and newer||FileVault|
|Apple||Older than 10.7||TrueCrypt|
Notes: Do NOT enable these programs on department-owned computers as they are already encrypted with PGP. Please backup all data on your personally owned computer before trying to encrypt it. TrueCrypt can be downloaded from the truecrypt.org website for free. Bitlocker and FileVault are built into the OS and just need to be enabled. Encryption strength should be set to AES 256 bit when possible.
|If you have any questions about this content please contact our IT department at 587-7075|