Passwords and encryption
Secure transfer of data
Queensland Health's preferred mechanism for the transfer of files is the secure file transfer system, Kiteworks. Statistical Services Branch (SSB) can provide a link for you to upload your file via Kiteworks at no cost.
If Kiteworks is not available, all transferred files must be encrypted and password-protected to prevent unauthorised access, including transfers of data between Queensland Health staff.
Alternative options include password-protected Microsoft Office files or archives created with file compression utilities such as WinZip, 7-Zip and WinRAR.
How to set up passwords and encrypt files
Note the following ways to encrypt and password protect Microsoft Office files (these options may vary depending on your version of Office):
Option 1 - Go to File, Info, Protect Workbook/Document, Encrypt with password
Option 2 - Go to File, Save As, More options…, Tools, General Options
File compression utilities should have encryption options available when creating or adding files to archives. If you do not have access to a licenced version of one of these utilities, you can use 7-Zip which is free and open-source.
Please note, passwords should never be transmitted in the same message as the protected file. If files are emailed, passwords must be supplied separately (e.g. over the phone).
What does 'password protected' and 'encryption' mean?
Encryption refers to the encoding of information in such a way that it cannot be understood until it is decrypted. A password is a code used to establish an identity - for example, to allow an authorised user access to a place, file or system.
Password-protected files and systems are not necessarily encrypted, however most modern applications should encrypt password-protected files.
File compression utilities should automatically encrypt password-protected archives, so they are a good way to encrypt and protect plain text (unencrypted) files. These utilities have encryption options that allow passwords to be assigned when creating new archives.
Any Microsoft Office files containing sensitive information should be password-protected before being submitted to SSB. Any plain text files (e.g. txt, csv) should be encrypted and password-protected by using a file compression utility to store them in an archive.