Institute:Office of National Coordinator (ONC) Workforce Training Curriculum
Component:The Culture of Health Care
Unit:Privacy, Confidentiality, and Security
Lecture:Tools for protecting privacy and confidentiality
Slide content:Encryption Necessary but not sufficient to ensure security Is a safe harbor under federal and state laws when data loss occurs Should, however, be used for all communications over public networks, such as the Internet, and with mobile devices Information is scrambled and unscrambled using a key Types: Symmetric and asymmetric Asymmetric, also known as public key encryption, can be used for digital certificates, electronic signatures, and so on 12
Slide notes:The next slides discuss encryption. Although encryption is a necessary precaution, it is not sufficient to ensure security. Any medical communication, whether an e-mail or transmission of a medical record, should be encrypted if it is being sent over a public network, because anyone with the right know-how could intercept that information. What is encryption? t is when information is scrambled using a key, which essentially is a randomly generated secret code. As an oversimplified example, a key might convert every A to a 9, every B to a $, and so on, before a message or document is sent. The recipient must possess a key to unscramble the message. There are different types of encryption. Symmetric encryption is when information is scrambled and unscrambled with the same key. Asymmetric encryption, sometimes called public-key encryption, is when a different key is used for scrambling than for unscrambling the information. 12