Encryption algorithms are actually quite difficult to implement correctly. Not every programmer is going to be able to get it right.
This is why you should be sure your encryption software has been certified. Once again, governments, militaries, and HIPAA all require certification, why wouldn’t you?
Without certification, you cannot know if your encryption is working. That is why the US, British and Canadian governments got together to set up labs that will review the code and test the software. Once software has been certified by one of these labs, it will display the FIPS (Federal Information Processing Standard) certification, as well as a certificate number. That number allows you to go to the FIPS web site and compare your software with the certified software to ensure that it hasn’t changed since it was certified.
Once again, it doesn’t cost you anything extra for the peace of mind that certified software brings. Don’t settle for anything else.