Whole Disk Encryption (WDE)
To comply with new Massachusetts data protection regulations, which take effect on March 1, 2010, Information Technology must make several changes to our policies and technologies. The new regulations:
- Require all HMS mobile devices be encrypted;
- Govern how employees are allowed to keep, access and transport records containing personal information outside of business premises;
- Require that an institution knows where every computing system, -- including laptops and portable devices -- containing personal information is located;
- Require reasonable monitoring of systems for unauthorized use/access to personal information.
To read more about the Massachusetts law, review the Standards for the Protection of Personal Information of Residents of the Commonwealth (PDF download)
To view some commonly asked questions the regulation and its implementation, review the Frequently Asked Question Regarding 201 CMR 17.00 (PDF download)
Whole Disk Encryption Software
HMS Information Technology has licensed PGP Software. PGP provides a secure computing environment to ensure protection of High Risk Confidential Information.
PGP is available at no cost to active HMS/HSDM faculty and staff members for use on Harvard owned computers.
Prior to installation you must contact your departmental Client Services Representative or the HMS IT Help Desk so that you can be granted rights to install the software.
Review frequently asked questions about PGP.
Note to Macintosh Users:
The current version of PGP is not compatible with OS X 10.7 (aka Lion), Apple's latest operating system. If your laptop computer requires encryption, please contact your departmental Client Services Representative for assistance.
Download installations instructions and PGP software for Macintosh and Windows Computers
Remember you must contact HMS IT prior to installing the software or you will be unable to complete the data encryption process.
If you are traveling with an encrypted laptop
Please be aware that some countries, including the United States of America, have restrictions on exporting encryption technology. If you are traveling abroad, you may want to:
- Read Best Practices While Traveling, by John Dasher, Director of Product Marketing for PGP Corporation.
- Review import and export restrictions of encrypted data, which varies by country.
If you have additional questions about any aspect of these regulations, please see the Harvard University Enterprise Information Security Policy or contact the Help Desk at 617-432-2000 or help_desk@hms.harvard.edu.
Last Updated August 17, 2011
Copyright 2013 by the President and Fellows of Harvard College.
Site Updated: 5/17/2013
