from About the SOM Laptop Encryption Project

The University of California at San Francisco School of Medicine (SOM) would like to secure sensitive (i.e., ePHI, financial, etc.) data on all SOM laptop computers, along with identified high risk SOM desktops as outlined by U.S. HIPAA (Health Insurance Portability and Accountability Act of August 1996), California Assembly Bill 211 (AB-211), California Senate Bill 541 (SB-541) and UCSF 650-16 Information Security and Confidentiality Policy. HIPAA requires UCSF School of Medicine as well as all other healthcare organizations to protect the privacy of "individually identifiable and therefore protected health information."

The UCSF School of Medicine Information Services Unit (ISU) selected Check Point Full Disk Encryption primarily due to its availability, low-overhead operating model, fast-deployment strategy, and pre-existing statewide contract with the University of California Office of the President. Check Point has been successfully implemented at UCSF Medical Center and OAAIS. Adopting this campus best practice will ensure interoperability between SOM and the rest of UCSF; it meets HIPAA security requirements, and it provides our customers with a supportable, maintainable, and well-documented encryption solution. It is reasonably efficient, easily scalable, and interacts well with SOM ISU supported applications.

The SOM Dean's Office is providing funding for the FY 09-10 licensing costs for up to 2500 UCSF owned laptops and high-risk desktops.

ISU, as the Security Control Point for SOM, will perform a Quality Assurance (QA) Assessment post-encryption to review the success of encryption on each device to better position each department for compliance for endpoint audits. The security risks of a compromise in medical, financial, and other personnel information could result in severe legal and financial implications to the School of Medicine if not secured via encryption.

General Information

• From the DOM Chair - Computer Encryption (PDF) - sent to all DOM faculty, staff and trainees on December 15, 2009
• SOM Encryption Project (SOM ISU)
• Project FAQ
• What is sensitive data?
• Policy & Security - SOM Encryption Project - from the DOM IT Services Summer 2009 Newsletter
• SOM Encryption Project Hardware Specials - UCSF Technology Store (does not currently list Dell bundles) expired

Presentation Materials

• Introduction to the SOM Encryption Project (PDF) - for SOM Department Chairs, May 2009
• SOM Encryption Project - UCSF IT Services Meeting, July 9, 2009
• SOM ISU Encryption Project Update - UCSF IT Services Meeting, September 10, 2009
• SOM Encryption Project Overview (PDF) - for SFGH Department of Medicine Division Chiefs, October 6, 2009
• SOM Encryption Project Update (PDF) - for Department of Medicine Division Administrators, November 2, 2009
• Encryption Project Hardware Discounts (PDF) - UCSF IT Services Meeting, November 12, 2009
• SOM Encryption Project Update (PDF) - for Department of Medicine Division Administrators, January 13, 2010
• Weekend Laptop Encryption Options (PDF) - January 31, 2010

Forms & Instructions

• DOM Laptop Inventory Template (XLS)
• Completing Your Inventory
• Encryption Waiver Process for the Department of Medicine
• Determining How Much Data We'll Back Up
• DOM Computer Encryption Drop-off Form (PDF)
• Sample Drop-off Scheduling Email (PDF)
• Post Encryption Information for Macs (PDF) and PCs (PDF)
• New Mac FDE logging script (TGZ) - Double-click to expand the archive, July 23, 2010