Encryption Requirement for Sensitive Electronic Information (SEI)



The Duke Medicine Mobile Computing and Storage Device Standard outlines the requirements for encryption of Sensitive Electronic Information (SEI). Any mobile computing and storage device containing Duke Medicine SEI, regardless of ownership, must employ encryption as outlined in the standard. Duke Medicine laptops must employ Whole Disc Encryption (WDE) and have the IBM Endpoint Manager (IEM) client installed. Other mobile storage devices (e.g., flash drives, discs, tablets, etc.) may use WDE or file encryption. An Encryption FAQ and instructions on how to encrypt are available online to assist Duke Medicine employees in meeting these requirements.

Device How to Encrypt
Windows laptop Symantec WDE
Mac OS X laptop Symantec or FileVault2* WDE
Tablets, smart phones WDE native to device
Flash drives, discs, CDs, DVDs, other Symantec file encryption or other AES 256 apps

*allowed via current policy exception