The Difference Between Encryption and Password Protection of Patient Information

June 19, 2014 by Sherry A. Fabina-Abney, Partner | L. Alan Whaley, Partner
The world of health care moves fast.  Hospitals, physicians and other providers must protect the confidentiality of health information in a highly regulated environment with constantly evolving technology. Learn how we can help through our guide, "A Breach, or Not a Breach? If That Is the Question, Encryption May Be the Answer." An excerpt follows: 

The Difference Between Encryption and Password Protection of Patient Information

As you may already know, encryption is not the same as password protection. It’s a good idea to use a password to protect any device that contains PHI, but that is not sufficient to protect the PHI from unauthorized access. Passwords are relatively easy to defeat, and if they are defeated, the device’s data are wide open unless the data themselves have been encrypted using “an algorhythmic process in which there is a low probability of assigning meaning without use of a confidential process or key,” and the key itself has not been breached.

A Breach, or Not a Breach? If That Is the Question, Encryption May Be the Answer


View Full Site View Mobile Optimized