You’ve heard it before. Sensitive information being sent by email must be encrypted. This is required by HIPAA for “covered entities” including doctors and other healthcare providers sending patient information by email. Other businesses (and individuals) should use encrypted email to protect confidential information such as passwords, social security numbers, credit card numbers, financial information, tax documents, and other private corporate information.
Why can’t you send Private information in a regular email?
Sending email is like sending a postcard. The message can be viewed by any mail server that handles the message and it can be viewed by anyone who has access to your email. Sending an encrypted email is like sending the message in a sealed envelope. The message can only be viewed when the envelope is opened using a special code.
Encryption scrambles the text using a mathematical algorithm. This prevents the sensitive data from being accessed by someone other than the intended recipient. The special code used by the intended recipient is the encryption key that converts the text back to its readable form.
How do you send an encrypted email?
The way to send an encrypted email varies depending on what type of email you use. Individuals can use a third party app such as Virtru, Sendinc, or Lockbin (choosing the app that works with your email service).
Businesses benefit from using a business solution. Using a business encryption service such as Zixcorp, Barracuda, Symantec or Office 365, simplifies the process of sending encrypted emails for your employees. Settings can be configured so that all outgoing emails containing certain characteristics (such as containing a Social Security number) automatically get encrypted. Writing the word “Secure” in the subject line of the email can be a method to encrypt a specific email. The recipient of the email enters a passcode provided separately in order to open the email. Using a business solution can simplify the process for receiving encrypted emails. Protected content can be shared between users within the same organization or across organizations that use the same service without the recipient having to enter a passcode. By the way, email encryption is included (at no additional cost) in Office 365 as part of the Windows Azure Rights Management offering.
How do you open and read an encrypted email?
If you receive an encrypted email (that is not sent through a Business solution that you use), you’ll see a message that says that you should open the attachment and follow the instructions to view the message using the email address to which the message was sent.
When you download and open the message, you’ll be provided with instructions to view the message. If the message was sent via Office 365, a webpage will open and you’ll be provided two options to view the message: to sign in with your Microsoft account or to request a one-time passcode.
If you request a one-time passcode, you’ll receive the passcode in a separate email.
Enter the passcode that was sent to your email into the indicated box on the webpage. Note that you only have 15 minutes in which to use the passcode to unencrypt and view the message.
After you enter the passcode, you’ll be able to view the secure message that was sent to you. As you can see, it is very simple to receive an encrypted email but it is necessary to follow a few steps before you can actually view the message. If the message is sent via a business email encryption solution and your company uses the same encryption solution, you will not need to take these steps to view the message. The email solution will send the message in an encrypted state and will unencrypt it at its destination. This is why companies sending secure information choose to use a business email encryption solution.
If you are interested in learning more about implementing secure email solutions at your company, call us. Big Idea Technology will help you choose a solution to meet your needs, brand the emails with your logo and colors, and get you started.