Does marking a field as PHI (Personal Health Information) automatically encrypt it?

Does marking a field as PHI (Personal Health Information) automatically encrypt it?

No, marking a field as PHI only enables the system to identify that the values present in it contain personal health information of an individual.

As an additional layer of security, these fields can be encrypted separately. While this isn't mandatory, as a best practice, it's essential to encrypt. Find out more about field encryption.

The encrypted fields are added with Encryption at Rest (EAR) Read more about encryption in Zoho's Encryption Whitepaper

To encrypt/decrypt PHI fields

  1. Go to Setup > Customization > Modules and Fields > [Select the module] .

  2. In the module layout editor, go to the field you wish to encrypt, click the Settings icon and select Edit Properties.
      

  3. In the Field Properties popup, select the Encrypt Field checkbox.
      

  4. Click Done.

  5. Save the layout.

    • Related Articles

    • What kind of encryption is added to the PHI fields?

      Fields that contain personal health information of individuals can be encrypted to prevent unauthorized access. Once encrypted, the fields are added with EAR. Encryption at Rest Refers to data that is encrypted when it is stored (not moving) — either ...

    • How does Zoho CRM help organizations be HIPAA Complaint?

      At Zoho CRM, we allow organizations to be compliant with the HIPAA guidelines by providing the following options:   Select modules that contain personal health data: All modules that contain protected health information must be selected. Both ...

    • How does Zoho manage personal health information fields to comply with HIPAA?

      The Health Insurance Portability and Accountability Act (HIPAA), which includes the Privacy Rule, Security Rule, Breach notification Rule, and Health Information Technology for Economic and Clinical Health Act), requires Covered Entities and Business ...

    • What kind of restrictions can be set for the PHI fields under HIPAA Compliance?

      A total of 25 fields in each module can be marked as personal health data containing fields. Once marked, there are certain restrictions that can be set to prevent unauthorized access to the sensitive values present in the fields. Note: Lookup, ...

    • How do I configure HIPAA Compliance in my CRM account?

      With more healthcare organizations using CRM to run their business smoothly and store customer information in a shared database, it is crucial that they can ensure the confidentiality of an individual's health information.  In Zoho CRM, we provide ...