Providing safe, reliable care goes hand-in-hand with protecting sensitive information. As we provide care for patients and communities, we are entrusted with personal health information (PHI) and confidential data. Our value of excellence guides our work and calls on us to store and transfer information securely.
Starting now, all USB flash drives, also called thumb drives, used for sensitive data should be hardware-encrypted IronKey devices. IronKey devices meet U.S. government standards for protection of sensitive data. When storing or transferring data, using IronKey USB drives will insure we meet legal and regulatory requirements and comply with our policies.
Please review the devices your department uses. Beginning in May, the use of all non-IronKey USB storage drives will be restricted. If you have questions regarding IronKey drives, please email informationsecurity@providence.org.
How do I request an encrypted USB flash drive?
First, contact your local IT Site Director or IT Site Manager. Your needs will be reviewed and, if appropriate, alternate methods will be discussed.
Second, when you receive approval, please email a request to the Service Desk at AskIT@stjoe.org. When the device is received, it will be delivered to you. Follow these instructions to begin using your encrypted flash drive.
Answers to other frequently asked questions
Why do I need an encrypted storage device? Am I required to use one?
Personal Health Information (PHI) and confidential data are required to be encrypted when stored or transferred per legal and regulatory requirements and PSJH policy. Any user or department process that requires the use of a USB drive must use either an IronKey encrypted drive or an alternate approved method such as FileHub to store or transfer data.
What if I don’t want to use an encrypted flash drive?
If PHI or confidential data is involved, encryption is mandatory. Other secure data management options exist, such as FileHub. Please consult with your IT site director, regional security officer or regional compliance director.
Can I share my IronKey drive when I’m issued one?
No. Each IronKey device is assigned to an individual user.