Encryption is only part of email compliance
Get 2 months free
Encryption is important for protecting patient information, but encryption does not guarantee privacy compliance or security. Email encryption can be difficult to manage. Especially when sending between different email services.
Issues with traditional email encryption:
Different systems don’t always share the same encryption methods and so encryption may be discarded as the message passes onto your recipient’s email provider.
Some encryption systems require the installation of software by the recipient as well, or additional messages to share a decryption key. This can be very difficult for many users to manage, especially when communicating with patients.
Encrypted messages sent through regular email can still be intercepted and decoded later.
Traditional email travels the internet through unidentified and untraceable servers this prevents the information from being tracked and makes it impossible to maintain chain-of-custody. Each transition point in the path of a traditional email (see diagram) is a potential interception point.
Traditional email (encrypted or not) is the most common way ransomware enters healthcare organizations. The habit of using traditional email puts your clinic at risk.