HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases

More»

E-learning

  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation

More»

Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos


More»

Oct
09

Encryption of data at rest

Email This Post Print This Post

Would the use of an OS with 128-bit encryption satisfy the encryption of data at rest?

Mimi Hart

HIPAA Research Analyst
Information Protection
Iowa Health System

Comments

  1. Frank Ruelas says:

    Mimi,

    Encryption is one piece of the puzzle to address the data at rest requirement.

    In answer to your question, the NIST 800-111 guidance makes reference to the FIPS 197 document which does reference technologies that speak to the 128 bit reference you noted in your posting.

    However, this in and of itself would not satisfy the requirements because authentication is also a key aspect of the process that needs to be considered.

    Frank

Leave a Reply