The Data encryption policy, from TechRepublic Premium, describes the data protection requirements for all organization data accessed using, or stored on, any electronic device, computer, network or system.

From the policy:

Purpose

The policy’s purpose is to define for employees, computer users and IT department staff the encryption requirements to be used on all computer, device, desktop, laptop, server, network storage and storage area network disks and drives that access or store organization information to prevent unauthorized access to organization communications, email, records, files, databases, application data and other material.

This policy, from TechRepublic Premium, can be customized as needed to fit the needs of your organization.

Scope

All IT staff, employees, contractors, volunteers, board members and users of any organization-provided computer, device, desktop, laptop, server or other electronic component are covered and bound by the policy’s terms. All electronic devices that access and/or store organization information, including portable and external hard disks and flash drives, are included within the scope of this policy and its requirements.