Friday, November 16, 2007

Our Secure email strategy

Here's the third in my series on providing secure, spam-free, virus-free email to 25,000 users.

Regular email that travels over the internet is completely insecure. It's about the same as sending a postcard, since any server administrator or network expert could intercept and read mail as it goes from sender to receiver.

For healthcare email, especially messages containing protected health information (PHI), secure email between organizations is a best practice consistent with the spirit of HIPAA. Over the past 5 years, many organizations in the Massachusetts healthcare community have implemented secure email for all traffic between organizations.

We started the process in 2002 by working with leading vendors of messaging systems to harmonize the standards used to send email. We used the Internet Engineering Task Force's (IETF) Request for Comments (RFC) process to complete the specifications for S/MIME Gateways. Since that time, another approach called Open Pretty Good Privacy (OpenPGP) has also become popular in the messaging market. A comparison of these two standards is here.

Today, Beth Israel Deaconess Medical Center, Children's Hospital, Tufts Health Plan, Harvard Pilgrim Health Plan, and the Division of Medical Assistance (Medicaid) are using gateways that support S/MIME and OpenPGP.

Here's how it works. Someone at BIDMC sends an email from a web browser or their email program and it passes into our Microsoft Exchange email server. Between Exchange and the internet, we've inserted the Tumbleweed Secure Messenger. It has a list of all our business partners with secure email systems. If an email is sent to one of these partners, the email is encrypted and sent to the recipient's secure email gateway. Other emails are sent insecurely via the regular internet methods. We are also piloting content filtering systems that identify insecure emails containing credit card data or patient identifiers so we can quarantine those before they are sent over the public internet.
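The routing decision described above can be sketched in a few lines. This is an added example, not code from the post or from the Tumbleweed product; the partner domains, the `MRN` identifier format, and all function names are assumptions made for illustration.

```python
import re

# Constructed partner list (hypothetical domains with secure gateways).
SECURE_PARTNERS = {"partner-hospital.example", "health-plan.example"}

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")                  # candidate card numbers
MRN_RE = re.compile(r"\bMRN[:#]?\s*\d{6,10}\b", re.IGNORECASE)   # assumed identifier format

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def has_sensitive_content(body: str) -> bool:
    if MRN_RE.search(body):
        return True
    for m in CARD_RE.finditer(body):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            return True
    return False

def route(recipient: str, body: str) -> str:
    """Return 'encrypt', 'quarantine' or 'plain' for one recipient."""
    domain = recipient.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    # Exact match only: a look-alike suffix or prefix must not count as a partner.
    if domain in SECURE_PARTNERS:
        return "encrypt"
    if has_sensitive_content(body):
        return "quarantine"   # held before it reaches the public internet
    return "plain"

def route_message(recipients, body):
    """A message with mixed recipients gets one decision per recipient."""
    return {r: route(r, body) for r in recipients}
```

Deciding per recipient matters for a message addressed to both a partner and a non-partner: the partner copy can go out encrypted while the other copy is held.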

The best feature about this secure email approach is that users do not even know we have it in place. Security is organization to organization, not person to person, so no special email clients or digital certificates are needed. It's seamless, effective and low cost.

As you can tell from my last three posts, supporting spam-free, virus-free email is a major undertaking.

1 comment:

tdbaker1 said...

Sounds like a good strategy for dealing with other large healthcare organizations, but what about working with smaller physician offices?

Contact with them generates a huge amount of fax traffic. This type of traffic tends to require a lot of paper, equipment and people power.

Have you used any type of portal-type system? Seems like I saw a product that sent an email to the recipient and then linked them into a secure portal for obtaining the actual email and attachments.