Secure Email

WebFire

WebFire

Perch
I have a client who is going to require secure email. They need to send some patient information via email.

What are my options through Jodo? Third party?

Thanks!
 
I looked at Psoft docs and found nothing, I honestly don't know, but I know it uses SSL and encrypts.
 
Stephen said:
I looked at Psoft docs and found nothing, I honestly don't know, but I know it uses SSL and encrypts.
Click to expand...

:D I like the honest answer. I'll be looking into this. I'll report anything back.
 
To use IMAPs, configure account as a normal IMAP account. Next go to account settings and enable SSL for this account. Now set port to 993 and Apply.

For Outlook Express, steps will be:
Go to Tools -> Accounts -> Select Account
Click properties and go to Advanced Tab.
Check "This server requires a Secure connection(SSL)", Apply & OK.

All SSL enabled ports are:
SMTPs - 465/tcp
POP3s - 995/tcp
IMAPs - 993/tcp

POPs/SMTPs need to be configuerd the same way.
 
tanmaya said:
To use IMAPs, configure account as a normal IMAP account. Next go to account settings and enable SSL for this account. Now set port to 993 and Apply.

For Outlook Express, steps will be:
Go to Tools -> Accounts -> Select Account
Click properties and go to Advanced Tab.
Check "This server requires a Secure connection(SSL)", Apply & OK.

All SSL enabled ports are:
SMTPs - 465/tcp
POP3s - 995/tcp
IMAPs - 993/tcp

POPs/SMTPs need to be configuerd the same way.
Click to expand...

Let me make sure I understand:

1. Set up the email account in HSphere
2. Enable SSL for the whole domain
3. Setup IMAP account in Outlook
4. Check the SSL box and set port to 993 in Outlook

Do we need to buy an SSL cert for the domain? Or does some magic happen with the port?

Thanks!
 
Step 2 is not required as we have a shared SSL certificate here for mailservers.
 
Bear in mind that, as far as I am aware, this kind of SSL connection only protects mail and login details between the sender and his SMTP provider. It doesn't encrypt the mail between SMTP servers, or during the connection from the POP host to the recipient. So the only privacy gained here in reality would be for the login details of the sender. SSL SMTP is not intended to provide privacy for the email contents all the way from the sender to any number of recipients.

The addition of some form of encryption key (PGP or S/MIME) for the email contents would also be necessary if total security is required.
 
If they are sending patient data, you better look into what it takes to be HIPAA compliant. May not be something you can do via a shared server.
 
Good Oyster said:
If they are sending patient data, you better look into what it takes to be HIPAA compliant. May not be something you can do via a shared server.
Click to expand...

Yeah, we've already discussed it. They won't be sharing any patient specific data. They will be using it more as a communication tool between offices. But mostly to discuss scheduling. So it might be more of "Bob can't come in until 3" rather than sharing Bob's medical records.

So they aren't too concerned with HIPPA, as they already have strict guidelines in place since they deal alot with substance abuse. But they still want it to be secure just to cover their butts.

Looks like PGP or similar is the only option. I'll look into that.
 
You must log in or register to reply here.
Back
Top