The purpose of this standard is to define approved methods for using encryption technology to ensure the integrity and confidentiality of electronic protected health information (ePHI) and other Â鶹ӰÊÓ confidential information while at rest and during transmission. This standard applies to all data that is considered Â鶹ӰÊÓ confidential information, including ePHI when it is at rest, being processed, or transmitted between information technology resources.
Data encryption technology and mechanisms exist to help ensure the confidentiality and integrity of data. This standard is designed to help Â鶹ӰÊÓ’s UIS Department determine when it is necessary to utilize encryption, and what type and/or level of encryption to employ. Â鶹ӰÊÓ security standards for Encryption Technology are based upon industry standards, HIPAA, National Institute of Standards & Technologies (NIST) security guidelines, and existing Â鶹ӰÊÓ policies on Information Security.
PUNet ID required to review
Revised 2/8/2022