How Email Works

HIPAA email encryption chart1

By default, whenever you send or receive email you must connect through the Internet to an email service provider/email server. The reality is most email service providers do not implement any security measures, whatsoever. This means everything you send to or receive from your email service provider is unsecure, including your username, password, email messages, attachments, who you are sending to, and who you are receiving from.

HIPAA compliant email encryption chart2

It gets worse! Most email service providers connect to other email service providers without any encryption. If the other party is not using a secure email service, their emails can also be compromised. So, the emails you send and receive through the internet are wide open, unsecure, and can be easily intercepted by thieves. This is one of the main causes for identity theft, spam, and security breaches.

 

HIPAA Email Encryption

HIPAA email encryption chart3

Unlike other email service providers, Email Pros encrypts all connections between our servers and your computers and mobile devices. We also encrypt our webmail interface so you can securely access your email anywhere using a web browser. Any sensitive information you send to or receive from our email service is 100% secure. Just imagine your organization in a completely secure, private Cloud.

HIPAA compliant email encryption chart4

All email communications within your organization and between other Email Pros customers are 100% secure. The user experience for sending and receiving email is seamless and does not require any additional steps, plug-ins or certificates to install to encrypt or decrypt messages; all security is automatically handled by our servers. In other words, you can use email as you normally do, in a completely secure environment.

HIPAA email encryption chart5

HIPAA requires that all Covered Entities or healthcare professionals use encryption to transmit data over the internet to each other. The current email encryption standard is Transport Layer Security (TLS) for data in-transit. This ensures that email servers transmit data back and forth with users and other servers securely over an encrypted connection. When both emails servers use TLS, the user experience between the sender and the recipient is seamless.

HIPAA compliant email encryption chart6

Patients are not covered entities, so they are allowed to use any email service they want, even if it's their personal (unsecured) email address. Covered entities cannot legally force patients to use secure email to communicate with them. However, HIPAA requires that covered entities receive incoming emails securely. We cover that by protecting all incoming emails as soon as they arrive at our servers and delivering those messages to you securely.

HIPAA email encryption chart7

When the recipient does not have secure email, we offer Message Encryption that will deliver your email and attachments to them through our secure webmail system. All you need to do is type the word secure into your subject box and we do the rest. The recipient can also use our secure webmail system to send secure messages and attachments back to you. You can send secure attachments up to 2GB to anyone using our Secure File Link feature.

Finally, our Data Loss Prevention (DLP) system scans all outgoing emails (sent outside our secure network), including attachments, for sensitive information such as social security numbers, credit card numbers, etc. If it detects that you are sending sensitive information, it will quarantine the email and give you options to: send as-is or send encrypted. You no longer have to worry about employees leaking sensitive information through email again!

Your ISP's Email Is Not Secure

Switch to HIPAA Compliant Email Today