Guide to Secure Transmission of Confidential Information
HHSC has required CASA programs to employ encryption to keep confidential information secure during electronic transmission. This guide offers multiple options for encryption.
Transmission of confidential information creates opportunities for unauthorized access to documents, that is, for people without the legal authority to documents to receive or review them. Document encryption protects against unauthorized access. In document encryption, a document is protected with cryptographic keys (a password) so that only individuals with the corresponding decryption keys (the same password) can open them.
Please be aware and implement the following procedures to ensure that documents, reports, files, and records remain confidential during sharing or transmission.
Court reports are frequently shared between the volunteer Advocate and the staff person who provides coaching and supervision on the case.
- Optima: Court reports should be uploaded by the Volunteer Supervisor or Volunteer into Optima for reviewing, amending, or approving purposes. Optima is a secure database that is user-specific password protected. Therefore, it meets the definition of secure transmission.
ENCRYPTION VIA PASSWORD PROTECTING DOCUMENTS
Current versions of Microsoft Office, Adobe Acrobat and WinZip offer password protection to secure your files. When emailing a Word or Excel document with confidential or identifying information, use the password protection feature.
Here’s how to password protect a document:
- Open the Word, Excel or PDF document>
- Click File>
- Click Protect Document>
- Click Encrypt with Password>
- Enter your password.
It is recommended that your program use a strong password so if the document is received by an unintended person, it will remain locked and be impossible to open or view without the password.
CONFIDENTIALITY WHILE TEXTING
When texting about a case, remember to use non-specific, non-identifying information. For example, when communicating about Jim Johnson, you can use just the first name (Jim) or first initial with last name (J. Johnson) with no other identifying information. If the text or email is sent to an unintended recipient, they will not have received identifying information, minimizing the risk of a confidentiality breach.
CONFIDENTIALITY NOTICE FOR EMAIL TRANSMISSIONS
Email transmissions from CASA Child Advocates of Montgomery County should also have a confidentiality notice located at the bottom of each email below the signature line. All staff and volunteers should include a confidentiality notice in the footer of their email. Instructions for editing a footer in Outlook can be found at: https://support.microsoft.com/en-gb/office/change-an-email-signature-86597769-e4df-4320-b219-39d6e1a9e87b
“CONFIDENTIALITY NOTICE: The content of this email is confidential and intended for the recipient specified in this message only. It is strictly forbidden to share any part of this message with any third party without the written consent of the sender. If you have received this message in error, please reply to this message and follow with its deletion so we can make sure such a mistake does not occur in the future. Unauthorized interception of this email is a violation of the Electronic Communications Privacy Act, 18 U.S.C. §2510-2521.”
REQUIRED FOR ALL ADVOCATES:
Please confirm that you have received and reviewed this information.