Part of GDPR (General Data Protection Regulation – more here https://technologytamed.com/gdpr/) is assessing the way you store patient data. Many businesses use to removable USB drives which are then taken offsite. When assessing your GDPR risks you may decide that you would like to also encrypt portable drives you use that may contain personal data.
The following gives you step by step instructions on how to use one of the most popular encryption methods: VeraCrypt (which is derived from TrueCrypt).VeraCrypt will work on Windows, Mac, Linux and other operating systems.
Encrypting with VeraCrypt
The actual encrypting of the drive can take a long time, so allow plenty of time.
- Download VeraCrypt from https://www.veracrypt.fr/en/Downloads.html. Note that you can also download a PGP Signature to verify the download.
- Double click on the downloaded file and click I accept the license terms and click Next:
- Ensure Install is selected and click Next:
- Click Install:
- Click OK for both messages and then Finish.
Encrypting the USB device
- Connect your backup USB device. Note the drive letter that is assigned to this device (you may need to open File Explorer to check the drive letter):IMPORTANT NOTE: It is extremely important you chose the correct drive and device in the following instructions. If you do not there is the possibility that you could delete or encrypt data by mistake. If you do not feel confident doing this then we would recommend you get assistance from an IT professional or someone who is confident at identifying the correct USB device.These directions are given to you in good faith – the Technology Tamed team will accept no responsibility if you delete or encrypt data by mistake.
- Double-click on VeraCrypt:
- Select Volumes, Create New Volume:
- Choose Encrypt a non-system partition/drive and click Next:
- Select Standard VeraCrypt volume and click Next:
- Click Select Device and select your device and click OK. Note it is very important to select the correct drive (you don’t want to encrypt or delete data on the incorrect drive – this is where knowing the drive letter can be helpful). Click Next:
- Be very careful what you select in this window. Read the notes given on the window and then select whether to encrypt the volume and format it or Encrypt partition in place. IMPORTANT NOTE: if you encrypt the volume and format it ALL the existing data on the drive will be lost.
- Select the Encryption Algorithm you wish to use (the defaults of AES and SHA-512 are fine for most purposes) and click Next:
- You can use the Volume Size as a double check that you have selected the correct drive and then click Next:
- Enter a password. We would recommend you enter a strong password of 10 characters or more, including upper case, lower, case, numbers and special characters.
IMPORTANT NOTE: You will need to use this password if you wish to access the drive so ensure you type it in correctly and do not forget it!.
- Select whether you will be storing large files of more than 4GB and click Next:
- VeraCrypt includes a random pool. This is collected from you moving your mouse. So move your mouse as randomly as possible and don’t stop until the Randomness bar is fully green:
- Click Format.
- If you have chosen the Format option you will be warned that all your data will be lost:
- The USB device will be formatted. The green status bar gives you an indication of progress. Note that it takes a long time to encrypt, so be patient:
- The following two messages will be displayed when the encryption is complete:
- Click Ok and then Exit.
Opening the USB device:
- Insert your USB device.
Ignore any messages you get that the device needs to be formatted – this is because Windows no longer recognises the USB drive because it has been encrypted.
- Open VeraCrypt.
- Click Select Device:
- Select the Removable Disk drive that you want to open (similar to shown below). NOTE YOUR DRIVE LETTER MAY BE DIFFERENT TO THAT SHOWN:
- Click on Mount:
- Enter your password and click OK:
- You will see that the following message will be displayed:
- The drive will be mounted. Note that it may not display the drive letter you expect and it may not display within File Explorer with the description you expect.
Note that you will not be able to open the USB drive without VeraCrypt.
Technology Tamed Limited