" secureform Archives « Page 2 of 5 « LuxSci FYI
LuxSciLuxSci
Secure Email,
Web and Form Solutions
Phone: 800-441-6612
sales@luxsci.com
support@luxsci.com

Posts Tagged ‘secureform’

February Special Offer on SecureForm and HIPAA

Friday, January 31st, 2014

Special offer for February, 2014!

  1. First month of SecureForm service Free (choose any tier of SecureForm).
  2. HIPAA setup fee waived when ordering SecureForm (a $100 value)

Simply use special offer code FREESF when ordering.  

Read the rest of this post »

Case Study: LuxSci SecureForm and Ink Signatures Eliminate Downloading, Printing, Signing, and Faxing of Contracts

Friday, January 31st, 2014

For legal reasons, LuxSci’s HIPAA customers are required to physically sign a “Business Associate Agreement” and return it to us.  While this is a simple and commonplace request, it creates a lot of busy work on the part of the customer and LuxSci!

The customer might have to

  1. Download the file
  2. Print out the 19 pages
  3. Sign the agreement
  4. Fax back all pages, or scan it and return electronically

Then, LuxSci might have to

  1. Locate the document
  2. Sort out faxes that are in the wrong order, upside down, blank, or missing pages
  3. Figure out who sent the document
  4. Verify that pages are not missing or changed
  5. Counter-sign the document and attach them to the customer account
  6. Contact customers who have not sent in their documents properly or at all which is crucial to the HIPAA certification process

Multiplied by lots of customers, this creates a lot of unproductive busy work for everyone — and this time costs money.

To simplify this process, LuxSci use its own SecureForm and Ink Signatures technologies to make submission of signed contracts a snap for customers, as well as to eliminate most of the busy work LuxSci itself has to do to manage the process.

In this post, we describe how both technologies work.

Read the rest of this post »

Creating Secure Web Pages and Web Forms: What You Need to Know

Wednesday, January 29th, 2014

Fred is a busy small business CEO.  He hired a cheap developer online to setup his secure medical web site for him.  The developer got an SSL certificate and setup pages where patients can make appointments and the doctor can receive patient requests and notices, “securely”.  However, the developer didn’t have any real training in security and none in HIPAA and as a result, PHI was being sent in the clear, there were no audit trails or logs, SSL security was not enforced, and may other serious issues plagued the site.

Luckily, Fred was made aware of the situation before a serious security breach happened (that he knew of); however, he had to re-do the site from scratch, more than doubling his time and money costs.

Creating a web site that has “secure” components requires more than slapping together some web pages and adding an SSL Certificate.  All a certificate really does is create a thin veneer of security — one that does not go very far to protect whatever sensitive data necessitated security in the first place.  In fact, naive attempts at security can ultimately make the data less secure and more likely to be compromised by creating an appetizing target for the unscrupulous.

So, beyond paying big bucks to hire a developer with significant security expertise, what do you do? Start with this article — its purpose is to shed light on many of the most significant factors in secure web site programming/design and what you can do to address them.  At a minimum, reading this article will help you to intelligently discuss your web site security with the developers that you ultimately hire.

Read the rest of this post »

HIPAA Compliant Emails Sent From your Web Site: Best Practices

Tuesday, January 7th, 2014

You buy a HIPAA compliant web hosting infrastructure.  You configure your web site to send out email messages in the simplest way, e.g. through PHP mail, or some other generic and standard mechanism.  You think you are all set — but you are not.

HIPAA compliant web hosting services provide a server infrastructure that allows you to be compliant; however, it doesn’t make you compliant.  Your web designers must make choices and program your site so that it properly respects ePHI.  If they do not do all the appropriate things, you will be out of compliance.  E.g. see: 7 steps to make your web site HIPAA-secure.

In particular, email messages sent in the “normal way” from a web site will go out insecurely in a way that will violate the HIPAA Security Rule if they contain ePHI of any kind.  E.g. they will not be encrypted and will not be archived.

Read the rest of this post »

Written Signatures for your Forms. Delivered via PDF

Tuesday, November 12th, 2013

You have a form that customers, vendors, or staff must fill out and return and that form needs to have their written physical signature on it.  Ideally, you would like to get that form, together with their written signature, returned to you as a PDF.

In these days of a paperless workplace and instant digital communications from anywhere, being able to replace the signed and completed form with a simple digital alternative is critically important.  Fortunately, there are several ways to accomplish this.

Read the rest of this post »

PDFExpert for Filling in PDF forms on Tablets and Mobile Devices

Monday, November 11th, 2013

Many customers of our SecureForm service create PDF forms for their staff to fill in while “on the go”.  E.g. order forms, contact forms, inventory tracking forms, etc.  However, while PDFs can be viewed on most devices, tablets and phones do not usually have functionality that enables filling out PDF forms and submitting them properly for processing.  (The Adobe App does not support PDF form submission on mobile devices)

We have found that PDFExpert does a wonderful job of this on both iPad and iPhone.  With PDFExpert, you can:

  1. Fill out and submit PDF forms.  It works seamlessly with LuxSci SecureForm PDF form processing service, to enable you to receive your submitted form data immediately and in whatever format you require. It’s the only iPhone application that can fill PDF forms.
  2. Sign PDF documents with a handwritten signature
  3. Annotate PDF documents quickly and easily
  4. Handles huge PDF documents very easily with fast scrolling

Note that signatures and annotations to PDF forms can be submitted to the server and received only if your PDF form is configured to submit its data “as a complete PDF”.

PDFExpert is ideal to enable your staff-on-the-go to work quickly and efficiently with PDF forms and to include handwritten signatures directly in these documents.  Having written signatures on your submitted PDF forms is especially useful for organizations requiring HIPAA compliance and/or legal authorizations.  Combined with LuxSci MobileSync, PDF Expert offers a complete mobile solution for compliant management of calendars, contacts, tasks, notes, email, and forms.

 

Compliant Web Forms in an Instant – HIPAA Form Processing

Monday, August 26th, 2013

Forms are pervasive on web sites; the number of forms associated with medical web sites is growing exponentially as everyone is scrambling towards the goal of a paperless office, seeking to optimize time spent processing applications and managing patient data, speeding up the process of making appointments and getting referrals, etc.

Web forms used in the medical industry generally have to be HIPAA-compliant, however, as they almost always involve the input and transfer of ePHI in one way or another.  That presents a problem as the requirements for a HIPAA-compliant web site are complex and take knowledgeable and experienced developers to implement and take extra time and money to get right — and you really have to get things right where HIPAA is concerned.

So, this is where most people are:

  1. They have a web site, which itself is likely not HIPAA compliant yet
  2. The have some web forms already … or maybe have some forms that they want to put up
  3. These forms will collect ePHI
  4. They need to set this up and have it be HIPAA compliant and don’t want to spend a lot of money or time getting it going.

What they need is “HIPAA Form Processing“. 

Read the rest of this post »

Web Form Signatures: Fast, Easy Method of Informed Consent

Friday, August 23rd, 2013

 A dentist looking for a consult on x-rays needs explicit consent from the patient to transfer the x-rays and related information [securely] to the other doctor, at least in many states.

There are many similar cases where “written” consent is needed to transfer private information, transfer responsibility, request actions, etc.  Simply sending information over email or through a web form does not easily include a mechanism for transferring consent — e.g. written authorization signatures.

Fortunately, there is a simple, cost effective, and secure solution — use of web-based forms which include written signature field(s).

Read the rest of this post »

Web Forms Reduce Spam and Optimize Business Processes

Wednesday, July 10th, 2013

Businesses of all sizes use general purpose email addresses, like info@company.com or support@company.com, as conduits for information, Support, Sales, Billing, and other requests from customers.  On the surface, there is an apparently very good reason for this: many customers appreciate the simplicity of being able to send an email message.  It’s best to be as flexible as possible and reduce the time that the customer must spend to get a response, right?

There are actually many significant downsides to accepting general customer requests via email; downsides which can actually cause friction, slow the response process, or result in missed opportunities.  We will cover many of these issues, below.  The solution, is to use targeted specific web-based forms to collect customer requests; we will also discuss why this is a better approach.

Read the rest of this post »

Ensuring all Data is Encrypted at rest with LuxSci

Friday, May 10th, 2013

Email and other data is either being “transmitted” or  ”processed” or “at rest”.  E.g. it is moving from one computer to another, or it is stored / at rest on a computer, or it is preparing to be transmitted or stored.

While most types of compliance regulation, such as HIPAA, specifically require that data be transmitted securely, not all regulations require that data be stored in an encrypted format while at rest.  E.g. HIPAA does not require at rest encryption, though it may be recommended to decrease potential liability.

However, having your email and other data encrypted while at rest does significantly increase the security of that data, even if that level of security is not explicitly required.  As a result, many LuxSci customers have asked about how to ensure that all of their email and other data is encrypted while at rest.

Read the rest of this post »

TRUSTe EU Safe Harbor Thawte Extended Validation SSL Certificate McAfee Secure Authorize.net Merchant
• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 BlackBerry
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:
• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:
• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries