The purpose of this standard is to define approved methods for using encryption technology to ensure the integrity and confidentiality of electronic protected health information (ePHI) and other 51³Ô¹Ï confidential information while at rest and during transmission. This standard applies to all data that is considered 51³Ô¹Ï confidential information, including ePHI when it is at rest, being processed, or transmitted between information technology resources.
Data encryption technology and mechanisms exist to help ensure the confidentiality and integrity of data. This standard is designed to help 51³Ô¹Ï’s UIS Department determine when it is necessary to utilize encryption, and what type and/or level of encryption to employ. 51³Ô¹Ï security standards for Encryption Technology are based upon industry standards, HIPAA, National Institute of Standards & Technologies (NIST) security guidelines, and existing 51³Ô¹Ï policies on Information Security.
PUNet ID required to review
Revised 2/8/2022