The purpose of this standard is to define approved methods for using encryption technology to ensure the integrity and confidentiality of electronic protected health information (ePHI) and other 91ÊÓƵ confidential information while at rest and during transmission. This standard applies to all data that is considered 91ÊÓƵ confidential information, including ePHI when it is at rest, being processed, or transmitted between information technology resources.
Data encryption technology and mechanisms exist to help ensure the confidentiality and integrity of data. This standard is designed to help 91ÊÓƵ’s UIS Department determine when it is necessary to utilize encryption, and what type and/or level of encryption to employ. 91ÊÓƵ security standards for Encryption Technology are based upon industry standards, HIPAA, National Institute of Standards & Technologies (NIST) security guidelines, and existing 91ÊÓƵ policies on Information Security.
PUNet ID required to review
Revised 2/8/2022