NSTS Service Management Team

Security Advice on Exchanging Person-Identifiable Data via e-mail
When sending data about a single person (patient/client/service user) or group of persons to
a colleague by e-mail, the data must be properly protected if the data is detailed enough that
the individual(s) could be identified from it (i.e. if it is person-identifiable data).
Sending person-identifiable data (PID) by e-mail therefore requires the data to be encrypted
strongly enough that it is extremely difficult to read if intercepted, whether deliberately or
accidentally.
What is person-identifiable data (PID)?
PID includes such data as:
• name and date of birth;
• name and address;
• full name (though not forename or surname alone, usually);
• full address.
Since we know that the NHS Number can uniquely identify an individual, this should be
considered as PID in this context.
In the context of resolving data queries about persons (or patients) on NSTS, it is likely that
any communication about such data queries will necessarily include PID.
What methods of protection are acceptable?
NHS CFH Information Governance guidelines confirm that it is acceptable to do the
following:
1. To exchange PID within an NHSmail (previously called Contact) e-mail. This is the
standard means of exchange that we are working towards as it requires no additional
protection since the e-mails and their attachments are encrypted. Note that both sender
and recipient must use NHSmail accounts for the protection to work.
2. Protect the PID within a file encrypted using the Advanced Encryption Standard
(AES). There are several software tools that can do this, usually using 128- or 256-bit
keys (256-bit is preferred, especially over the Internet). Acceptable AES encryption tools
include:
• Utimaco’s SafeGuard® Private Crypto;
• WinZip® (v9 and above), but not the standard Zip 2.0 encryption, which is weak;
• PGP® (Pretty Good Privacy).
Notes:
• Both the Utimaco and PGP products can produce a ‘self-decrypting archive’ (SDA)
file which has a .exe extension. This is an executable file which does not require the
person receiving it to have the software (Utimaco or PGP). However, in tests we
found that SDA files were often stopped by firewalls even if we changed the .exe
extension.
• All three tools produce encrypted files which can be decrypted by the recipient with
the appropriate software tool (i.e. both sender and recipient need to have the same
tool installed). We found that these encrypted files were less likely to be stopped by
firewalls.
116095859
1 of 2
June 2006
What methods of protection are not acceptable?
NHS CFH Information Governance guidelines suggest that it is not acceptable to:
3. Exchange PID ‘in the clear’ in an open e-mail, even over the NHS network, except within
NHSmail (previously called Contact – see above).
4. Protect PID simply within a password-protected file (e.g. a Word document or an Excel
workbook). Such protection is weak and can be circumvented relatively easily using
software tools.
5. Protect PID within a WinZip file using the standard Zip 2.0 encryption. This too is known
to be relatively weak, but has been the standard encryption method in WinZip for some
time.
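A check a practitioner can run on an outgoing attachment before it leaves, added here as an example and not part of the original advisory: it reads a zip archive's central directory and reports, per entry, whether it is unencrypted, uses the Zip 2.0 encryption the advisory rejects (point 5), or uses WinZip-style AES (compression method 99 with a 0x9901 extra field recording the key size, as in point 2). The sample archive is constructed inline from hand-built central-directory records rather than produced by WinZip, and carries no file data.

```python
import struct

EOCD_SIG = 0x06054b50        # end-of-central-directory record signature
CDFH_SIG = 0x02014b50        # central-directory file-header signature
AES_METHOD, AES_EXTRA_ID = 99, 0x9901   # WinZip AES: method 99 plus a 0x9901 extra field
AES_STRENGTH = {1: "aes-128", 2: "aes-192", 3: "aes-256"}

def _aes_strength(extra: bytes) -> str:
    """Return the key size from the 0x9901 field (AE version, "AE", strength byte, method)."""
    pos = 0
    while pos + 4 <= len(extra):
        field_id, size = struct.unpack_from("<HH", extra, pos)
        if field_id == AES_EXTRA_ID and size >= 7:
            return AES_STRENGTH.get(extra[pos + 8], "aes-unknown")
        pos += 4 + size
    return "aes-unknown"

def classify_zip_entries(data: bytes) -> dict:
    """Map entry name -> 'none', 'zipcrypto' or 'aes-NNN', read from the central directory."""
    eocd = data.rfind(struct.pack("<I", EOCD_SIG))
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    _, _, _, count, _, pos, _ = struct.unpack_from("<HHHHIIH", data, eocd + 4)
    result = {}
    for _ in range(count):
        flags, method = struct.unpack_from("<HH", data, pos + 8)
        nlen, elen, clen = struct.unpack_from("<HHH", data, pos + 28)
        name = data[pos + 46:pos + 46 + nlen].decode("utf-8", "replace")
        extra = data[pos + 46 + nlen:pos + 46 + nlen + elen]
        # flag bit 0 marks an encrypted entry; method 99 is WinZip AES, anything else is Zip 2.0
        result[name] = ("none" if not flags & 1 else
                        _aes_strength(extra) if method == AES_METHOD else "zipcrypto")
        pos += 46 + nlen + elen + clen
    return result

def weak_entries(data: bytes) -> list:
    """Entries protected only by Zip 2.0 encryption, which the advisory does not accept."""
    return [n for n, s in classify_zip_entries(data).items() if s == "zipcrypto"]

def _cd_record(name: bytes, flags: int, method: int, extra: bytes = b"") -> bytes:
    # constructed 46-byte header; time, CRC, sizes and offsets are left at zero
    return struct.pack("<IHHHHHHIIIHHHHHII", CDFH_SIG, 20, 20, flags, method,
                       *[0] * 5, len(name), len(extra), *[0] * 5) + name + extra

def build_sample_archive() -> bytes:
    """Constructed sample archive: central directory plus end record only, no file data."""
    aes_extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", 3, 8)  # AE-2, AES-256, deflate
    cd = (_cd_record(b"readme.txt", 0, 8) + _cd_record(b"patients.xls", 1, 8)  # 2nd: Zip 2.0
          + _cd_record(b"patients-aes.xls", 1, AES_METHOD, aes_extra))
    return cd + struct.pack("<IHHHHIIH", EOCD_SIG, 0, 0, 3, 3, len(cd), 0, 0)
```

Run against a real archive, `weak_entries(open(path, "rb").read())` lists the attachments that would fail point 5 before they are sent.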
Further information
For further information on the above encryption tools, visit:
• Utimaco’s SafeGuard® Private Crypto: http://www.utimaco.com/privatecrypto
• WinZip®: http://www.winzip.com
• PGP®: http://www.pgp.com
Recommended protection methods for typical PID e-mail exchanges

FROM \ TO              | NHS user       | Non-NHS user (1) | Atos Help Desk (2) | NHSCR DST (4)  | NHAIS support analysts | NSTS SMT       | Atos support (3)
-----------------------|----------------|------------------|--------------------|----------------|------------------------|----------------|-----------------
NHS user               | NHSmail or AES | AES              | N/A                | NHSmail or AES | NHSmail or AES         | NHSmail or AES | AES
Non-NHS user (1)       | AES            | AES              | N/A                | AES            | AES                    | AES            | AES
Atos Help Desk (2)     | N/A            | N/A              | N/A                | N/A            | N/A                    | N/A            | N/A
NHSCR DST (4)          | NHSmail or AES | AES              | N/A                | NHSmail        | NHSmail                | NHSmail        | AES
NHAIS support analysts | NHSmail or AES | AES              | N/A                | NHSmail        | NHSmail                | NHSmail        | AES
NSTS SMT               | NHSmail or AES | AES              | N/A                | NHSmail        | NHSmail                | NHSmail        | AES
Atos support (3)       | AES            | AES              | N/A                | AES            | AES                    | AES            | AES
Protection Methods:
NHSmail = preferred method: both sender and recipient(s) have NHSmail addresses
(which always end in “nhs.net”) – e.g. fred.bloggs@nhs.net is NHSmail but
fred.bloggs@org.nhs.uk is not.
AES = encrypted in a file using AES 256-bit key encryption with one of the acceptable
encryption tools – one or both of sender and recipient do not have an NHSmail
address.

(1) Assumes non-NHS user has not got an NHSmail account.
(2) Atos Help Desk does not need to receive PID – but, if they were to do so, then AES encryption would be necessary.
(3) Atos Origin do not have NHSmail e-mail, but can use WinZip v9 and above for AES-256 encryption.
(4) NHSCR DST prefers NHSmail but can use Utimaco SafeGuard® PrivateCrypto for AES 256 encryption.