These instructions assume Microsoft Windows but are very similar to those for other operating systems.
What is TrueCrypt?
TrueCrypt is a data security tool that creates an encrypted area on your computer’s hard drive or on external storage media such as a USB drive. Encryption is the conversion of data into a form that cannot be easily understood by unauthorized people. TrueCrypt then allows you to treat this encrypted area just like any other drive on your computer. While TrueCrypt is running, encryption and decryption happen automatically and silently, allowing you to work just as you normally would.
Your TrueCrypt drive should be used to store any documents with confidential material, including patient-identifiable information. It is good practice to save any document with patient information into a TrueCrypt folder. There is no harm in encrypting (though it does prevent two people from working on the same file at the same time), so when in doubt, encrypt!
How to Use TrueCrypt
- Install TrueCrypt VERSION 7.1a by visiting https://www.grc.com/misc/truecrypt/truecrypt.htm and clicking on the installation package appropriate for your operating system at the bottom of the page. You will need administrative access to your computer to successfully install the software.
Creating a Volume
- Once the application is installed, navigate to the Start Menu and launch TrueCrypt.
- You will be asked if you would like to follow a tutorial. Since you are following these instructions, skip it and you will see the following screen.
Click on the “Create Volume” button (circled above).
- TrueCrypt has the ability to provide whole-disk encryption for your hard drive. For our purposes, however, we will simply create a local container that can be used to store our sensitive files, so select “Create an encrypted file container” in the TrueCrypt Volume Creation Wizard.
- The Wizard will ask you to choose between creating a standard or hidden volume. A hidden volume adds a layer of potential security more applicable to situations other than what we describe here by obscuring the file’s location; it does not change the encryption level. For the purpose of these instructions, choose “Standard TrueCrypt volume”.
- Pick a name and location for you volume. Keep in mind that the host drive you choose must have enough space for the volume you wish to create. Pick a location that will be easy for you to navigate to and remember. If you’re not sure what to choose, pick your desktop. The “volume” is just a file. You can move it later if you wish. Your encrypted volume will appear as a blank page icon with the name you chose, in the location you chose.
- Choose your “Encryption Algorithm” and “Hash Algorithm”. All encryption schemes provided by TrueCrypt are adequate options.
- Select the volume size. Think about the size of the files you will be storing and choose a corresponding volume size. Odds are good that you have space to spare on your work computer (as long as you don’t store lots of music on it), so when in doubt, choose a larger size than you need if you are encrypting a database. Double the size of your raw data file will ensure you don’t run out of room for a while. Don’t worry, if the encrypted volume does run out of room, you can repeat this process to create a new, larger volume and copy the secure data over to it.
- Create a password. This is a very important step! Assuming you are using encryption, then poor passwords and poor password management are usually the weakest part of any security protocol. See CCHP’s recommendations on creating a strong password in Module 2.
- Before you create the actual volume, the Volume Creation Wizard will ask if you intend to store large files. If you intend to store files larger than 4GB within the volume, tell it so—it will tweak the file system to better suit your needs.
- To format your volume, you will have to move your mouse around within the TrueCrypt dialog window to generate some random data. Spend 30 seconds doing this. Once you are finished, click “Format”.
- You will now be returned to the original TrueCrypt interface. If you want to create additional volumes, repeat these instructions from Step 3.
Accessing your TrueCrypt Volume(s)
- Open TrueCrypt if it is not already open.
- Choose a drive to which you will “Mount” your volume. To your operating system, a TrueCrypt file appears as if it were a normal hard drive when “mounted” (i.e., in use). The T: drive is selected in the following example. You can select any drive letter that is not already in use and is not normally used on your system.
- If your file path is not automatically selected, click the “Select File…”, button and navigate to your desktop to select your volume.
- Once the file is selected click the “Mount” button.
- Enter your password. Click “OK”.
- Your volume should appear as whichever drive you selected in Step 2.You can navigate to your mounted drive by using the Start Menu and going to “Computer” (or “My Computer” depending on your Windows version)
- IMPORTANT: When you are finished working in TrueCrypt, close the program you were using to view or edit your encrypted data. Close the encrypted folder (which appears as a drive with the letter you selected).The TrueCrypt dialog box will still be open. Click the “Dismount” button to lock the folder and encrypt your work. The documents are not secure and encrypted unless you Dismount!