Encryption in Applications
You can encrypt data inside your application, even before it is sent to the server. This allows encryption to be used selectively, for only the most sensitive information you intend to send.
You are strongly recommended:
Always to maintain the secrecy of your encryption key: by means of either a secure key ring, or a hardware security module (HSM).
Always to use a standard encryption library to encrypt data; and never to rely on in-house encryption or key-management solutions.
Never, when managing documents, to include sensitive information in the document ID.