Complete your AMIE Attestation
All School of Medicine personnel must complete a Data Security Attestation
Your AMIE Attestation Page:
If, in your work at Stanford, you may access or receive High Risk Data, you should attest Yes and your security compliance will be reported by the SoM system, AMIE (Am I Encrypted). You will also be asked to provide the devices you use for Stanford work, whether or not they will actually store High Risk data.
If, in your work at Stanford, you will NEVER receive or access High Risk Data on any device, you may attest No and your compliance will be reported by the UIT system, My Devices.
Your attestation should be renewed annually and updated if your affiliation, job, or role within the School of Medicine changes.
Information Security Requirements Based on Attestation
Your Attestation affects the compliance standards that apply to you
All SoM Personnel and Affiliates Must Complete an Attestation |
||
---|---|---|
If You Attest YES |
If You Attest NO |
|
Your Compliance Should be Managed By: | SoM AMIE |
UIT My Devices |
ALL Stanford-owned Computers you Use | Must be encrypted SWDE/BigFix/Jamf required to verify encryption |
Must be encrypted SWDE/BigFix -or- VLRE required to verify encryption |
Personally-owned Computers used for Stanford Work | Must be encrypted SWDE/BigFix/Jamf required to verify encryption |
Must be encrypted SWDE/BigFix/Jamf -or- VLRE required to verify encryption |
For Mobile Devices | MDM is required for devices used for Stanford work, regardless of ownership. |
|
Backup of Laptops/Desktops |
Daily, encrypted backups are required. SoM provides CrashPlan licenses for all SoM personnel, you can add a secondary password on your backups for additional protection. |
|
Automatic Forwarding of @stanford.edu Mail |
Must not auto-forward to anything other than @stanfordmed.org, @stanfordhealthcare.org, @stanfordchildrens.org | May auto-forward email |
CoSoSys Endpoint Protector verifies external USB storage is encrypted |
Software will be installed on both Stanford-owned and personally-owned computers |
Not required to be installed |
Unsupported Operating Systems | Must be upgraded, replaced, or have an approved security exception * |
|
* A Temporary Security Exception can be requested for devices that cannot meet security requirements but are used to control scientific equipment or specialized facilities. Exceptions can be submitted at https://uit.stanford.edu/security/exception-request |