Information Security Program
Home >> Guidance >> Technical Guidance >> Laptop and Mobile Device Encryption

System Security Standard  Find out the standard ways to secure at system at UW Medicine

New Data Stewardship Training  Know your Role and Responsibilities for Confidential Information

How to Encrypt Computing Devices and Electronic Data  How do I encrypt?

Information Security Policies  Home of the Information Security Policies

Departmental Training Materials  Training materials for use in departmental education

Self Service Vulnerability Assessement  Find your Vulnerabilities

Frequently Asked Questions  Find Security related answers

Glossary of Terms  Information Security Term Definitions

Contact the Information Security Team  We are here to Help

Secure Remote Access  UW Medicine Networks Team

UW Office of the CISO  UW Chief Information Security Officers Website

Mobile Device Encryption Guidance

Protection of confidential information is of the highest priority in UW Medicine. Confidential information includes protected health information (PHI) and personally identifiable information (PII). If possible, users should avoid storing PHI or PII on laptops, USB memory sticks, and other mobile devices since any information on a mobile device is at elevated risk for unauthorized disclosure secondary to loss and theft. If storage of PHI or PII on a mobile device is necessary, UW Medicine requires that these devices be encrypted.

What is Encryption?

Encryption is the process of converting data into an unreadable format that is reversible with the use of a security key or password.

There are three parts to encryption: restricted and confidential data to protect, an encryption cipher or algorithm and an encryption key. We have sensitive data to protect so encryption software uses an approved encryption algorithm to "scramble" the data and make it unreadable. The data is stored or transmitted and when someone needs to view the data they use the key or password to "unscramble" or decrypt it.

Do I have to use Encryption?

If you access, store or use Protected Health Information (PHI) or Personally Identifiable Information (PII) or other confidential data on a laptop or a mobile device you must encrypt the data.

Why is encrypting sensitive data important?

Protecting patient data is of primary importance to the organization. We all need to take due care with patient data and ensure that their privacy is not compromised. Mobile devices pose a unique problem as they are easy targets for theft and loss. The data stored on these devices needs to be protected because of this problem. Encryption is a standard solution and is an effective tool to prevent unauthorized access to data.

How do I encrypt my Mobile Device?

**Here is a flow chart to help you determine your encryption needs** (pdf version)

We have put together a list of options based on the operating system and well known, vetted solutions in the information security industry.

UW Medicine promotes the use of full disk encryption for laptops and mobile devices wherever possible. Some of the solutions listed below are not full disk.

Before installing any of the solutions listed below BACK UP YOUR DATA. If something happens to your password or key, or if the installation goes wrong you could lose all the data on your laptop or mobile device. Once the encryption solution is installed you should routinely back up your data to make sure you have the most current set of data available to you in case something happens to your device.

Any pay solutions listed below are up to the end user to determine how to pay for.

Free Software Solutions

Microsoft - Printable PDF Instructions

Macintosh - Printable PDF Instructions

Other OS - Printable PDF Instructions

Pay Software Solution

The product listed below will work on all Microsoft and Mac operating systems. It is also a full-disk encryption solution with vendor support.

This product was chosen because the University of Washington already has an agreement in place with the vendor for their anti-virus solution.

Smart Phone Encryption

Android

If you are going to be putting any RESTRICTED or CONFIDENTIAL electronic data on your Android device, then you must encrypt it. This can be done in multiple ways.

If you must put the files on your Android device then there are encryption applications that you can use to encrypt images, notes, and files on your Android device.

Two top encryption applications for Android are:

If you have Android version 4.0 or above than you can encrypt your phone using the new built in "Encrypt your phone" functionality.

You can find more about this new feature on the Google site located here: Android Encrypt your phone Support page

iOS

iOS device running iOS 3.0 or higher have built in encryption for the hardware on the device. This does not mean the data on your device is secure. If the device is jailbroken then the unauthorized individual could have access to most of the data on the device.

If your iOS device is running iOS 4.0 or higher then Apple Data Protection will encrypt the email, email attachments, and app data but only for apps that use the Data Protection.

Alternate Data Storage

If you can't protect data by encrypting your laptop, saving it to an alternate storage device is another option.

Alternate storage devices include USB flash drives, also called thumb or jump drives, and external hard drives. Using alternate data storage devices requires more care on your part. Only use storage devices that are encrypted or are physically secured. While you are working, you must double-check that you are saving data only to the alternate storage device.

These devices are more vulnerable to theft and loss than larger devices. If you choose to use an external hard drive, it should not leave your work area and it should be physically secured with a cable lock. If you store data on a USB drive you should attach it to a lanyard to reduce the risk of loss.

Note that the software provided to encrypt and decrypt alternate storage devices might require administrative privileges on your computer. Check with your system administrator for assistance if you do not have administrator rights.

Encrypted USB Drives - Printable PDF Instructions

External Hard Drives

Frequently Asked Questions

If your question was not answered on this page, we have compiled a list of questions frequently asked about Laptop and Mobile Device Encryption here: FAQ

Support

To obtain information or help with encryption, contact IT Services Help Desk at mcsos@u.washington.edu. If this is an urgent matter, please call them at 206-543-7012. Please reserve calling for truly urgent matters.