Complete your AMIE Attestation

All School of Medicine personnel must complete a Data Security Attestation

Your AMIE Attestation Page:

If, in your work at Stanford, you may access or receive High Risk Data, you should attest Yes and your security compliance will be reported by the SoM system, AMIE (Am I Encrypted). You will also be asked to provide the devices you use for Stanford work, whether or not they will actually store High Risk data.

If, in your work at Stanford, you will NEVER receive or access High Risk Data on any device, you may attest No and your compliance will be reported by the UIT system, My Devices.

Your attestation should be renewed annually and updated if your affiliation, job, or role within the School of Medicine changes.


Information Security Requirements Based on Attestation

Your Attestation affects the compliance standards that apply to you

All SoM Personnel and Affiliates Must Complete an Attestation
  If You Attest YES
If You Attest NO
Your Compliance Should be Managed By: SoM AMIE
UIT My Devices
ALL Stanford-owned Computers you Use Must be encrypted
SWDE/BigFix/Jamf required to verify encryption
Must be encrypted
SWDE/BigFix -or- VLRE required to verify encryption
Personally-owned Computers used for Stanford Work Must be encrypted
SWDE/BigFix/Jamf required to verify encryption
Must be encrypted
SWDE/BigFix/Jamf -or- VLRE required to verify encryption
For Mobile Devices MDM is required for devices used for Stanford work, regardless of ownership.
Backup of Laptops/Desktops
Daily, encrypted backups are required.
SoM provides CrashPlan licenses for all SoM personnel, you can add a secondary password on your backups for additional protection.
Automatic Forwarding of @stanford.edu Mail
Must not auto-forward to anything other than @stanfordmed.org, @stanfordhealthcare.org, @stanfordchildrens.org May auto-forward email  
CoSoSys Endpoint Protector verifies external USB storage is encrypted
Software will be installed on both Stanford-owned and personally-owned computers
Not required to be installed
Unsupported Operating Systems Must be upgraded, replaced, or have an approved security exception *

* A Temporary Security Exception can be requested for devices that cannot meet security requirements but are used to control scientific equipment or specialized facilities.  Exceptions can be submitted at https://uit.stanford.edu/security/exception-request