Understanding E-mail Encryption

The subject of encryption has been very prevalent in the news recently, and those in the healthcare industry likely encounter the topic on nearly a daily basis. Security threats to a physician practice’s private communications may seem like a necessary evil in today’s world, and yet they do not have to be. One tool healthcare professionals can utilize is email encryption.

The science and algorithms that make modern encryption standards possible are fascinating. Three types of email encryption methods utilized today are:
1. Domain-to-domain encryption (also known as “Boundary Encryption”): Creates a secure email network between an organization and nominated business partners with Transport Layer Security (TLS). All emails sent and received are encrypted.
2. Policy-based encryption: Establishes rules and parameters that will automatically encrypt emails based on words and phrases (i.e., “patient name” or “SSN” included in the email).
3. Sender-based encryption: A sender decides which emails should be encrypted. Recipients who do not have the same email encryption software are given a "pull" delivery method for access through a secure, mobile-friendly web portal. The encryption software portal sends a notification email that links and “pulls” recipients to the portal where they can read, reply and reply-all to encrypted messages.

In addition, there are two basic types of email infrastructures that support encryption. The first is onsite, also called in-house email management. The other is hosted email, where the healthcare organization outsources its email services to a third party provider.

The benefits of utilizing a hosted email service, instead of onsite management, are tremendous for healthcare providers of all sizes. Studies comparing both types of IT environments have repeatedly shown the overall cost of hosted email is significantly lower. Hosted email providers also offer a team dedicated to customer support, even outside of normal business hours, to ensure email is available at all times. Hosted email providers have the expertise and bandwidth needed to manage email effectively.

If you have questions about the online security of your practice, or Precision’s hosted email options with encryption capabilities, please contact Precision’s IT Department at HelpDesk@precisionpractice.com or 314-881-5299.