February 08, 2010
HIPAA Compliance and Email Encryption: Crystal Run Healthcare's use of Proofpoint
The publishers of the always-informative online publication Bank Info Security are now tackling the healthcare industry with a new site called Healthcare Info Security. This site should be a great resource for HIPAA and HITECH compliance information and other technology issues that face the healthcare industry.
In one of the first articles posted to the site, Proofpoint customer Crystal Run Healthcare discusses how they solved their secure email issues and how they protect private health information (PHI) in email.
In "Secure E-mail Cures Headaches," IT director Miguel Hernandez discusses how email encryption is used to secure communication between doctors and patients, share private information with business partners, including accountants and lawyers, and help ensure HIPAA compliance.
"Considering the cost of secure email, as opposed to the cost of litigation over a HIPAA violation," says Hernandez, "It's certainly worth it."
The article is a good view into the real-world issues that all types of healthcare organizations are facing vis-a-vis securing email. Other Proofpoint resources related to email encryption, HIPAA compliance and the healthcare industry include the following whitepapers:
Whitepaper: HIPAA and Beyond: An Update on Healthcare Security Regulations for Email
Whitepaper: Protecting Enterprise Data with Proofpoint Encryption


I think that one of Proofpoint's email encryption solutions is Voltage SecureMail for larger enterprises.
Smaller companies and individuals can use Voltage SecureMail through the Voltage Security Network. Voltage SecureMail has Outlook plug-ins or you can use a web interface for sending encrypted email. Messages are completely controlled by the sender and recipient in their sent folder and inbox. No messages are stored on servers.
Recipients don't need any special software to decrypt and read their messages, just a browser. And recipients don't need to pay to read their email. In fact, they even get free support from Voltage. It's much easier to use than PGP, S/MIME or other older solutions...and just as secure...which is probably why they can afford to offer free support to their customers and recipients...unlike those other solutions.
It's an ideal solution to help address state privacy regulations in Massachusetts and Nevada as well as the more general HIPAA, SOX, PCI requirements, etc.
There is a free trial at: www.voltage.com/vsn
Posted by: MJ | March 05, 2010 at 12:28 PM