|
  
|
|
|
|
Stored Data Protection and Encryption Health Insurance Portability and Accountability Act (HIPAA) requires medical service providers to provide security measures for all stored patient health information. The compliance efforts are sometimes threatened by the ease with which sensitive information could reside unprotected on USB flash drives, external hard drivers, backup tapes and other portable devices and media. There are many solutions that secure mobile data and ensure that sensitive data remains private through encryption and password protection. Password protecting the data is one of the most common used data protection means today. Backup applications generally offer an option to password protect the data during the backup operation. Compulink also recommends the workstations do not include writeable drives such as CD/DVD writers. Group Policies can be implemented in a domain to make flash drives “read only”. If you are using portable devices, a program such as Winzip utility (www.winzip.com) can compress and encrypt any file or folder that resides on a local or portable device. Winzip utilizes AES encryption and password policy to protect stored data. There are many other solutions such as www.truecrypt.org that can provide the same level of security. BitLocker to Go Drive Encryption is a data protection feature available in Windows 7 Enterprise and Ultimate. It extends data protection to USB storage devices, enabling them to be restricted with a passphrase. Bitlocker uses the AES encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional disk encryption specific security not provided by AES. |
|
|
