Tag Archives: send and receive attachments

When your lawyer doesn’t use secure email to exchange confidential information – and sends the wrong file attachment to opposing legal counsel

I have communicated with my lawyer over email for years. Every time I hit ‘send’ or open an email from my lawyer, I have always felt uncomfortable and vulnerable about the lack of security surrounding the exchange. The sensitive information and super-confidential details included in the body of the email often include financial information and legal strategy discussions. Not to mention the email attachments which often include copies of financial statements or draft responses to opposing counsel.  This private information which is intended to be classified as ‘privileged and confidential’ can easily be cyber-attacked and intercepted. My legal counsel exchanges confidential information with both me and opposing counsel.  The communication exchange methods include unsecured fax which can also easily be intercepted. Faxes are paper-based and are often printed in public office spaces. I have never insisted on a secure email solution from my attorney because I naively felt that if there was a straightforward solution available, the law firm would undoubtedly have adopted it by now. After all, the responsibility for ensuring that confidential legal email exchanges remain secure lies with the legal firm, not the client.   But a recent situation with my legal firm has zapped me out of complacency and into insisting that my lawyer adopt an email encryption solution to secure my email transactions and records. In this particular situation, my attorney and I were involved in hot negotiations with another party and working on a 10 page proposal to be presented to opposing counsel. As the client and active participant, I literally spent at least 15 hours working on the proposal to ensure it was positioned perfectly. To accomplish this, my attorney and I emailed 10 versions of the draft proposal back and forth as email attachments. When it was finalized, I gave my lawyer the green light to send the proposal to opposing counsel. Unfortunately, the wrong version of the proposal was faxed to opposing counsel by the legal firm’s receptionist.  It was void of important changes in strategy and points included in the final version of the proposal.  Because it was sent by fax, there was no way to retract the proposal. Re-sending the correct version of the proposal to opposing council would only have served to highlight the changes in the document and divulge the evolving strategy.  There was nothing I could do except deal with my frustration. The following ‘fix’ may appear biased. But this is a true account of my unfortunate experience, and email2’s secure email is truly the ideal solution to address the discomforts outlined in this blog post. Firstly, email2’s secure email would ensure that my private email exchanges (and attachments) with my lawyer are as secure as internet banking. Secondly, email2 would be able to repair the erroneous send of the older version proposal.  Had the legal firm adopted email2’s encrypted email solution, the message and file attachment could have instantly been recalled – even if opposing counsel had opened and read the email and attached proposal.  The email and attached wrong version proposal would have instantly been fully recalled (pulled) from opposing counsel’s inbox, and the correct version would have been re-emailed. Third, I have also been in a position where the legal firm does not hear back from opposing counsel for weeks, and we’re never sure if opposing counsel has received or read the proposal. They simply go dark. Are they away? On vacation? With email2, my lawyer would have access to message tracking capabilities and instant visibility into what happens to an email after it’s sent. Was the message and attachment received? Read? Printed? Deleted? Saved? email2 also provides functionality to prevent opposing counsel from forwarding, saving or printing the email and attachment for full control of confidential exchanges. email2 does not require my legal firm or me (the client) to change their existing email – including my use of Outlook, Blackberry, or Yahoo.  So there should be no reason why clients can’t insist that their legal firm of choice adopt a solution that provides secure email and controls. Join the discussion. Tell us your stories about unsecured communication with your legal firm. Ariane Laird recently joined email2. email2 enables professional services organizations to securely send, receive, track and automate delivery of confidential email and large attachments outside the organization – without requiring staff or recipients to change their existing email.

5 ways medical clinics can use encrypted email to address compliance and productivity

Medical clinics emailing confidential patient health information

Health care professionals – including nurses, physicians, medical assistants, and health insurance providers – know they need to be more efficient, green and provide better service to their patients. But let’s face it. It’s almost 2012 and we’re still using in person visits, phone, faxes, mail and couriers as our primary tools for exchanging sensitive patient information with both patients and other healthcare organizations. Why? Because these methods are seen as more ‘secure’ than sending an instant email. Or are they? The truth is that these antiquated and inefficient methods for exchanging confidential patient health information are not secure and can be just as easily intercepted as unsecured email.  The use of phone and in-person visits may also not be feasible communication methods for disabled or ill patients who may either be bed-ridden or unable to speak. Below are 4 ways to help address compliance technical security safeguard standards (including HIPPA) with the use of encrypted email to securely exchange private patient health information (PII & PHI) between healthcare offices and:
  • patients
  • health insurance providers
  • other health care practitioners

1. encrypted email for medical offices

Unlike faxes or unsecured email, encrypted email is ultra secure because it is sent using an end to end ‘pipe’ that cannot be intercepted during the many stops encountered on its internet journey to get to its final destination. There are many encrypted email solution providers, but most are highly complex and require staff and patients and other external healthcare recipients to change the way existing email is currently used. Unfortunately, the secure email solution will end up being shelved if it requires the sender and recipient to change the way they use email. We recommend adopting a solution that does not use cumbersome encrypted keys and instead uses a ‘cloud’ solution (virtual servers on the internet) that wraps around any existing email and in effect uses the same technology as internet banking. This allows staff and patients to use secure email, but with the ease of continuing to use their regular email. For instance, if MS Outlook or a Blackberry are used for email, the experience with Outlook and any mobile device will remain unchanged for both staff and the external recipient of the email. A basic encrypted email solution will allow for content to be sent in the body of the email, for example:
  • Ask or answer sensitive and confidential patient-related questions
  • Provide 24/7 asynchronous communication with patients and other external medical stakeholders (does not require that all parties involved in the communication be present and available at the same time)
  • Use email for securely scheduling private patient appointments and gathering sensitive information or providing private instructions prior to the patient’s visit.

2. securely email very large confidential file attachments & medical scans

A big part of the appeal of email is the ability to send and receive attachments of any size in addition to content included in the body of the email. Here are 2 encrypted email file transfer features that are helpful for medical offices:
  • The ability to attach jumbo or even unlimited-size files to emails, so there’s no worry about sending that 8 MB file, or even that 100 MB file!
  • ‘Print to Secure Message’ feature (what you see is what you send). Any scanned document or any content that is typically sent to a printer and distributed via fax, mail or courier will benefit from the PSM application. PSM automatically captures all information viewed on screen rendered by any application – including the internet or proprietary, customized or in-house applications (example: EMR or specialized medical or accounting systems), and sends it to external recipients via encrypted email.
To illustrate:
  • A surgeon or another health professional has asked a medical office for a patient record or copy of an x-ray.
  • Simply click into the office’s third party database or application where these records are kept and instantly capture what is seen on the screen into a file that is emailed securely to the surgeon.
  • Eliminates numrous send steps including the requirement for printing and then using usecured methods for sending the document such as fax or courier.

3. Medical offices - email compliance, non-repudiation, permissions, tracking, reporting, audit trails, & HIPPA

Additional encrypted email features help with adhering to HIPPA and other regulatory compliance standards if email is used to send patient health information to a patient or other external stakeholders. A medical office may have a need to monitor and control what happens to a confidential email and attachments once it’s sent. Here are some examples of some compelling compliance features for encrypted email: Prove that an email was sent, and control, track and report on every step of the email’s life cycle:
  • when a message was received, read, replied to, forwarded, printed, or deleted
  • who the message or attachment was forwarded to (available only to sender)
  • Recall messages anytime – even after the message has been read
  • Include an additional layer of password protection in order to read the email for ultra-sensitive information
  • Prevent emails from being sent unsecured if certain words or patterns are included in the message
  • Authenticate users and recipients. (for example, a recipient may have to enter their SSN and birth date to authenticate their identity before they can access the secure email)

4. secure e-Forms and workflow automation for medical clinics

Today, a patient may visit a medical clinic or website, obtain or print a form, fill it out with a pen, and use time-consuming and unsecured methods for delivering the completed form such as in person office visits, mail, or fax.
  • With Secure e-Forms, any form completed by patients or external healthcare practitioners can now be completed securely online.
  • e-Form customizable fields are placed on any webpage and is completed by the patient or other external partner. e-Form does not require the existing web page to use SLL to safeguard the information submitted.
  • e-Form also securely accepts uploaded addendum files of any size that may be relevant to the particular e-form subject matter, for example a copy of a birth certificate or proof of immunization.
  • Each completed form submission can trigger an encrypted email message that is sent directly to the designated healthcare worker(s)’ existing inbox.
  • The healthcare worker can securely reply to the form submission and engage in a private conversation with the patient or external partner – without divulging the email address or the name of the worker.
  • The submitted data is automatically entered into any third party healthcare application or database, and eliminates time-consuming interpretation of handwriting, data entry, and data entry errors.  Reduces manual collection, filing, archiving and eventual destruction of physical forms.
  • e-Form examples include: secured ‘Contact Us’ form, “Medical History” form, “Appointment” form.
Illustration Example 1 – Ask a physician
  • A medical clinic creates a secure online form on their website that allows patients to securely ask medical questions of a specific physician.
  • The question is sent to the particular doctor’s existing email in-box and the doctor can respond to the question in detail after hours and after referring to the patient’s medical history file.
  • The doctor’s email address may be hidden from the patient to disallow numerous email threads.
  • The patient does not have to leave their home and each answered question may be associated with a fee which provides an additional revenue stream for the medical clinic.
Illustration Example 2 – Transferring patient records
  • When a patient transfers to a new physician, the new physician requires the patients medical history file. This is typically accomplished by courier or unsecured fax.
  • A healthcare office creates a secure online e-form on their website that allows other health care professionals to share patient information and upload any-size file.

5.  Medical offices automation & secure delivery of patient invoices

Most medical offices today manually create and print invoices, place them in envelopes, and mail them to patients.
  • Realize guaranteed efficiencies and cost savings using email2′s automated e-Statements that securely emails hundreds or thousands of patient invoices overnight.
  • e-Statements automatically extracts invoice details from any third party database used by the healthcare offices and content is generated in a format that is ready to be sent directly to patients’ existing inboxes via encrypted email.
  • Eliminates the need for building a secure portal where clients link through to a website and have to remember logins and passwords to access their information. Now, all relevant information is securely delivered via email or attachments to patients without the need for additional steps and linking outside their inboxes.
  • Email Encryption Plus features are used to guarantee email delivery and track and prove when an invoice has been received, read, printed, saved or deleted. Prevents statements such as “Sorry, I never received it” or “It got stuck in spam” and significantly shortens payment cycles.
  • Data Leak Prevention features are used to authenticate patients, and set patient permissions including limitations for replying to, forwarding, saving or printing emails and attachments.
  • e-Statements improves green initiatives and provides an immediate savings of 80% or more by eliminating waste and costs associated with creating, printing, mailing or faxing invoices.
  • Other applications for e-Statements could include employee pay stubs, account statements, health insurance claim transfers or confirmations.

Summary of email encryption benefits for medical offices

Here are the overall benefits of a feature-rich encrypted email solution for healthcare practitioners:
  • Use email to instantly and securely communicate with patients and other health practitioners
  • As easy to use for medical office staff and patients as using their existing unsecured email application
  • The email is guaranteed delivered – and can be proven
  • Instantly send jumbo attachments and any captured information viewed on a computer monitor
  • Track, control permissions, and report on an email’s life cycle after it’s sent
  • Set up secure on line forms for capturing and emailing patient or other health practitioner information
  • Mitigate the risk of a breach of privacy of personal health information
  • Comply with government personal health information laws such as HIPPA
  • Work smarter, faster and greener with less waste created by in person appointments, phone, printing and re-printing, faxing, shredding, mailing and couriers.
  • Provides disabled or ill patients who may be unable to use the phone or attend in person meetings, with a secure communication alternative
  • Provide a better customer service experience to patients and other external stakeholders.
Ariane Laird works with email2, provider of encrypted email and patented compliance and productivity features used by thousands of professionals.
  • Doctors, physicians
  • Medical Clinics
  • Medical Assistants
  • Health practitioners
  • Nurses
  • Health Insurance providers
 

Medical clinics emailing confidential patient health information

Health care professionals – including nurses, physicians, medical assistants, and health insurance providers – know they need to be more efficient, green and provide better service to their patients. But let’s face it. It’s almost 2012 and we’re still using in person visits, phone, faxes, mail and couriers as our primary tools for exchanging sensitive patient information with both patients and other healthcare organizations. Why? Because these methods are seen as more ‘secure’ than sending an instant email. Or are they? The truth is that these antiquated and inefficient methods for exchanging confidential patient health information are not secure and can be just as easily intercepted as unsecured email.  The use of phone and in-person visits may also not be feasible communication methods for disabled or ill patients who may either be bed-ridden or unable to speak. Below are 4 ways to help address compliance technical security safeguard standards (including HIPPA) with the use of encrypted email to securely exchange private patient health information (PII & PHI) between healthcare offices and:
  • patients
  • health insurance providers
  • other health care practitioners

1. encrypted email for medical offices

Unlike faxes or unsecured email, encrypted email is ultra secure because it is sent using an end to end ‘pipe’ that cannot be intercepted during the many stops encountered on its internet journey to get to its final destination. There are many encrypted email solution providers, but most are highly complex and require staff and patients and other external healthcare recipients to change the way existing email is currently used. Unfortunately, the secure email solution will end up being shelved if it requires the sender and recipient to change the way they use email. We recommend adopting a solution that does not use cumbersome encrypted keys and instead uses a ‘cloud’ solution (virtual servers on the internet) that wraps around any existing email and in effect uses the same technology as internet banking. This allows staff and patients to use secure email, but with the ease of continuing to use their regular email. For instance, if MS Outlook or a Blackberry are used for email, the experience with Outlook and any mobile device will remain unchanged for both staff and the external recipient of the email. A basic encrypted email solution will allow for content to be sent in the body of the email, for example:
  • Ask or answer sensitive and confidential patient-related questions
  • Provide 24/7 asynchronous communication with patients and other external medical stakeholders (does not require that all parties involved in the communication be present and available at the same time)
  • Use email for securely scheduling private patient appointments and gathering sensitive information or providing private instructions prior to the patient’s visit.

2. securely email very large confidential file attachments & medical scans

A big part of the appeal of email is the ability to send and receive attachments of any size in addition to content included in the body of the email. Here are 2 encrypted email file transfer features that are helpful for medical offices:
  • The ability to attach jumbo or even unlimited-size files to emails, so there’s no worry about sending that 8 MB file, or even that 100 MB file!
  • ‘Print to Secure Message’ feature (what you see is what you send). Any scanned document or any content that is typically sent to a printer and distributed via fax, mail or courier will benefit from the PSM application. PSM automatically captures all information viewed on screen rendered by any application – including the internet or proprietary, customized or in-house applications (example: EMR or specialized medical or accounting systems), and sends it to external recipients via encrypted email.
To illustrate:
  • A surgeon or another health professional has asked a medical office for a patient record or copy of an x-ray.
  • Simply click into the office’s third party database or application where these records are kept and instantly capture what is seen on the screen into a file that is emailed securely to the surgeon.
  • Eliminates numrous send steps including the requirement for printing and then using usecured methods for sending the document such as fax or courier.

3. Medical offices - email compliance, non-repudiation, permissions, tracking, reporting, audit trails, & HIPPA

Additional encrypted email features help with adhering to HIPPA and other regulatory compliance standards if email is used to send patient health information to a patient or other external stakeholders. A medical office may have a need to monitor and control what happens to a confidential email and attachments once it’s sent. Here are some examples of some compelling compliance features for encrypted email: Prove that an email was sent, and control, track and report on every step of the email’s life cycle:
  • when a message was received, read, replied to, forwarded, printed, or deleted
  • who the message or attachment was forwarded to (available only to sender)
  • Recall messages anytime – even after the message has been read
  • Include an additional layer of password protection in order to read the email for ultra-sensitive information
  • Prevent emails from being sent unsecured if certain words or patterns are included in the message
  • Authenticate users and recipients. (for example, a recipient may have to enter their SSN and birth date to authenticate their identity before they can access the secure email)

4. secure e-Forms and workflow automation for medical clinics

Today, a patient may visit a medical clinic or website, obtain or print a form, fill it out with a pen, and use time-consuming and unsecured methods for delivering the completed form such as in person office visits, mail, or fax.
  • With Secure e-Forms, any form completed by patients or external healthcare practitioners can now be completed securely online.
  • e-Form customizable fields are placed on any webpage and is completed by the patient or other external partner. e-Form does not require the existing web page to use SLL to safeguard the information submitted.
  • e-Form also securely accepts uploaded addendum files of any size that may be relevant to the particular e-form subject matter, for example a copy of a birth certificate or proof of immunization.
  • Each completed form submission can trigger an encrypted email message that is sent directly to the designated healthcare worker(s)’ existing inbox.
  • The healthcare worker can securely reply to the form submission and engage in a private conversation with the patient or external partner – without divulging the email address or the name of the worker.
  • The submitted data is automatically entered into any third party healthcare application or database, and eliminates time-consuming interpretation of handwriting, data entry, and data entry errors.  Reduces manual collection, filing, archiving and eventual destruction of physical forms.
  • e-Form examples include: secured ‘Contact Us’ form, “Medical History” form, “Appointment” form.
Illustration Example 1 – Ask a physician
  • A medical clinic creates a secure online form on their website that allows patients to securely ask medical questions of a specific physician.
  • The question is sent to the particular doctor’s existing email in-box and the doctor can respond to the question in detail after hours and after referring to the patient’s medical history file.
  • The doctor’s email address may be hidden from the patient to disallow numerous email threads.
  • The patient does not have to leave their home and each answered question may be associated with a fee which provides an additional revenue stream for the medical clinic.
Illustration Example 2 – Transferring patient records
  • When a patient transfers to a new physician, the new physician requires the patients medical history file. This is typically accomplished by courier or unsecured fax.
  • A healthcare office creates a secure online e-form on their website that allows other health care professionals to share patient information and upload any-size file.

5.  Medical offices automation & secure delivery of patient invoices

Most medical offices today manually create and print invoices, place them in envelopes, and mail them to patients.
  • Realize guaranteed efficiencies and cost savings using email2′s automated e-Statements that securely emails hundreds or thousands of patient invoices overnight.
  • e-Statements automatically extracts invoice details from any third party database used by the healthcare offices and content is generated in a format that is ready to be sent directly to patients’ existing inboxes via encrypted email.
  • Eliminates the need for building a secure portal where clients link through to a website and have to remember logins and passwords to access their information. Now, all relevant information is securely delivered via email or attachments to patients without the need for additional steps and linking outside their inboxes.
  • Email Encryption Plus features are used to guarantee email delivery and track and prove when an invoice has been received, read, printed, saved or deleted. Prevents statements such as “Sorry, I never received it” or “It got stuck in spam” and significantly shortens payment cycles.
  • Data Leak Prevention features are used to authenticate patients, and set patient permissions including limitations for replying to, forwarding, saving or printing emails and attachments.
  • e-Statements improves green initiatives and provides an immediate savings of 80% or more by eliminating waste and costs associated with creating, printing, mailing or faxing invoices.
  • Other applications for e-Statements could include employee pay stubs, account statements, health insurance claim transfers or confirmations.

Summary of email encryption benefits for medical offices

Here are the overall benefits of a feature-rich encrypted email solution for healthcare practitioners:
  • Use email to instantly and securely communicate with patients and other health practitioners
  • As easy to use for medical office staff and patients as using their existing unsecured email application
  • The email is guaranteed delivered – and can be proven
  • Instantly send jumbo attachments and any captured information viewed on a computer monitor
  • Track, control permissions, and report on an email’s life cycle after it’s sent
  • Set up secure on line forms for capturing and emailing patient or other health practitioner information
  • Mitigate the risk of a breach of privacy of personal health information
  • Comply with government personal health information laws such as HIPPA
  • Work smarter, faster and greener with less waste created by in person appointments, phone, printing and re-printing, faxing, shredding, mailing and couriers.
  • Provides disabled or ill patients who may be unable to use the phone or attend in person meetings, with a secure communication alternative
  • Provide a better customer service experience to patients and other external stakeholders.
Ariane Laird works with email2, provider of encrypted email and patented compliance and productivity features used by thousands of professionals.
  • Doctors, physicians
  • Medical Clinics
  • Medical Assistants
  • Health practitioners
  • Nurses
  • Health Insurance providers