Healthcare and health information technology professionals are entrusted with patient data which, because of its personal nature, requires protection to ensure its confidentiality. To provide this protection, these professionals frequently look to commonly accepted technologies and methodologies to safeguard this data while at rest and in transit. One technology capable of providing this type of protection is encryption. Implementing and managing an encryption solution can certainly be complex. This article seeks to inform anyone entrusted to protect patient data with an understanding of basic encryption processes, an awareness of the security properties provided by encryption, and knowledge of important requirements for effective encryption.