As the digital world grows, so does the need to protect personal and sensitive information. Encrypting custom help desk fields is essential for securing data from unauthorized access and identity theft. Desk365 provides this security through field-level encryption using Advanced Encryption Standard (AES). In this guide, we will walk you through encrypting custom help desk fields in Desk365, emphasizing the importance of HIPAA compliance for handling sensitive healthcare information.
Overview of field-level encryption
Field-level encryption ensures that sensitive information stored and transmitted through Desk365 is secure. This process involves converting data into ciphertext, making it unreadable without the decryption key. For healthcare providers and organizations dealing with electronic personal health information (ePHI), this is crucial for compliance with the Health Insurance Portability and Accountability Act (HIPAA).
Permissions required
Anyone can use the field-level encryption feature. However, only agents with access to Settings can configure it.
Key points to remember
- Scope: Only custom text fields data can be encrypted.
- Organization-Wide: Encryption applies at the organization level, including all departments.
- Availability: Custom field encryption is available upon request and incurs an additional cost. For trial users, custom field encryption is automatically enabled. However, for current Pro Users, it needs to be requested separately. If you’re a Pro User and want to enable this feature, please contact our support team to discuss the additional costs and setup process.
- Field Type: Encryption is applicable only to text field types.
- API Support: Encrypted data is accessible via APIs.
- Integration: Encrypted fields can be used in custom functions and all integrations.
Limitations
- Reporting: Encrypted fields cannot be used in Reports
- Automation Rules: Encrypted fields cannot be used as conditions in automation rules.
- Advanced Filters: Encrypted fields cannot be utilized in advanced filters, search or sort options.
Step-by-step guide to encrypt custom fields
- Navigate to Settings > Admin > Ticket Fields.
- Select the Encrypted Text Input under Encrypted Field Types.
- Edit the field type and label it appropriately for agents and contacts.
- Check the “Mark as ePHI” box and click Save.
- Add the encrypted field to the desired ticket form.
Example Ticket showing Encrypting ePHI Custom Help Desk Fields
Let’s say a healthcare organization needs to create an Appointment Form that complies with HIPAA regulations. Specifically, they need to encrypt sensitive patient information within their Desk365 help desk system. Here is how the admin implements the encryption.
Step 1: The admin heads over to the Ticket Fields section and creates custom ticket fields such as appointment date.
Under the Encrypted Field Types, the admin chooses the encrypted text input option and labels the field types accordingly such as Patient ID and Patient Name making it understandable that the data entered in this field will be encrypted, making it unreadable.
The ePHI label indicates that the field contains electronic Personal Health Information (ePHI), which requires extra security and compliance measures.
Step 2: The admin includes the encrypted field in the Appointment Form ensuring that whenever a new ticket is created using this form, the PHI Data Field information will be encrypted.
Step 3: The admin creates a new ticket to verify that the PHI Data Field is functioning correctly and that the entered data is encrypted.
By following these steps, the health care clinic has successfully encrypted the PHI Data Fields in their Desk365 help desk system. This action ensures HIPAA compliance and secures sensitive patient information from unauthorized access.