LuxSciLuxSci
be Smart.
be Secure.
Phone: 800-441-6612
sales@luxsci.com
support@luxsci.com

SecureLine Message Center: Free, Secure Message Access Portal

Published: April 23rd, 2015

LuxSci customers send encrypted email messages to anyone using the SecureLine Escrow system — recipients receive a notification of their waiting secure message and click on a link to access it after either answering a security question or logging into their free SecureSend account to verify their identities.

The SecureLine Namespace and Message Center features enable your recipients to login and see a history of all secure messages sent to them from your users and to easily open, read, reply to, and delete these historical messages any time … at least until they have expired.  The Message Center also keeps copies of sent messages — so it enables free WebMail-like behavior in the SecureSend secure messaging portal

Read the rest of this post »

Adding HIPAA-Compliance to your Web Forms in 10 minutes

Published: April 21st, 2015

Forms are pervasive on web sites; the number of forms associated with medical web sites is growing exponentially as everyone is scrambling towards the goal of a paperless office, seeking to optimize time spent processing applications and managing patient data, speeding up the process of making appointments and getting referrals, meeting meaningful use, etc.

Web forms used in the medical industry generally have to be HIPAA-compliant, however, as they almost always involve the input and transfer of ePHI in one way or another.  That presents a problem as the requirements for a HIPAA-compliant web site are complex and take knowledgeable and experienced developers to implement and take extra time and money to get right — and you really have to get things right where HIPAA is concerned.

So, this is where most people are:

  1. They have a web site, which itself is likely not HIPAA compliant yet
  2. The have some web forms already … or maybe have some forms that they want to put up
  3. These forms will collect ePHI
  4. They need to set this up and have it be HIPAA compliant and don’t want to spend a lot of money or time getting it going.

What they need is “HIPAA Form Processing“. 

Read the rest of this post »

Can your web and PDF forms save to an Encrypted Database?

Published: April 20th, 2015

Many web form processing systems allow you to save the form posts in a database.  However, for security and compliance reasons, that is not really very secure.  Of course, if your form processing and the database are in a secure, compliant environment (e.g. a HIPAA-compliant dedicated server), then the situation is better and it may be OK to have your form data saved unencrypted in your database.

However, as the person doing your compliance risk analysis will tell you, it is always better to have data encrypted at rest if you have a choice.  That greatly reduces your risk of breach / compromise.  The problem is: these web form processing systems and plugins will not encrypt your data for you and it is not easy to get a database that is itself fully encrypted.

So — what can you do to lock down your data?

Read the rest of this post »

Single Sign-on (SSO) Integration with LuxSci

Published: April 18th, 2015

Do you have a web site or App that you control where users of that site/App are also users of LuxSci?  LuxSci’s single sign-on service enables your site or app to send these users to any page of their LuxSci interface without their to separately login to LuxSci.

Single sign-on integrates your site or app with LuxSci so that users need only login once (to your site or app) and then can seamlessly travel between them.  This is great for speed and usability.  It is also good for users to not need to remember more passwords.

How does LuxSci Single Sign-On Work?

SSO works through LuxSci’s API.

Read the rest of this post »

Is your Accountant protecting your privacy and identity?

Published: April 15th, 2015

Everyone always harps on the necessity of privacy when discussing health care, government, and banking communications.  It is surprising how little attention is paid to email security with regards to accounting and tax preparation.   There is a real danger of identity theft, unintended information disclosure, as well as invasion of privacy when using tax preparation services or organizations that do not use secure email.  Why is this?

Read the rest of this post »

Opt-In Email Encryption is too Risky for HIPAA Compliance

Published: April 13th, 2015

A majority of companies and hospitals that offer email encryption for HIPAA compliance allow senders to “opt in” to encryption on a message-by-message basis.  E.g. if the user “does nothing special” then the email will be sent in the normal/insecure manner of email in general.  If the sender explicitly checks a box or adds some special content to the body or subject of the message, then it is encrypted and HIPAA-compliant.

Opt-in encryption is desirable as it is “easy” … end users don’t want any extra work and don’t want encryption requirements to bog them down, especially if most of their messages do not contain PHI.  It is “good for usability” and thus easy to sell.

However, opt-in encryption is a very bad idea with the inception of the HIPAA Omnibus rule.  Opt-in  imposes a large amount of risk on an organization, which grows exponentially with the size of the organization.

Read the rest of this post »

What exactly is ePHI? Who has to worry about it? Where can it be safely located?

Published: April 9th, 2015

There is often a great deal of confusion and misinformation about what, exactly, constitutes ePHI (electronic protected health information) which must be protected due to HIPAA requirements.  Even once you have a grasp of ePHI and how it applies to you, the next question becomes … where can I put ePHI and where not?  What is secure and what is not?

We will answer the “what is ePHI” question in general, and the “where can I put it” question in the context of web and email hosting, and SecureForm processing at LuxSci.

Read the rest of this post »

Case Study: Securely Email Medical Laboratory Results to Patients

Published: April 7th, 2015

We count medical laboratories among our many customers.  They process lab tests for doctors and send the results to the patients via email.

Medical laboratories, while sometimes not HIPAA covered entities themselves, are Business Associates with Hospitals and doctors who are required to abide by HIPAA.  By the “transitive” nature of the HIPAA privacy laws, such Business Associates must take pains to abide by HIPAA security and privacy standards, protecting patient data, and ensuring confidentiality.

In order to send patients their results via email, these labs must use a HIPAA-complaint system that can send email to anyone with an email address.

This post describes how one large medical lab uses LuxSci’s SecureLine to safely deliver lab results to 1000s people every day.

Read the rest of this post »

LuxSci’s new API: Account and User Management Functions Added

Published: April 6th, 2015

We introduced our new REST-based API two weeks ago; that version included basic user information functionality as well as commands for synchronizing calendars, contacts, tasks, and notes.  We have completed the adding of all of the old, legacy account management API functions to the new API, as well as adding a few new ones.

LuxSci’s new REST API now allows:

  • Get reports on all users in your account
  • Change user passwords
  • Update user email forwarding setting
  • Add / remove user auto-responders
  • Get reports on user auto responders
  • Look up if domains support SMTP TLS for secure email delivery
  • Create and delete users
  • Update user settings
  • Create and delete domains
  • Update domain settings and catchall email aliases
  • Get reports on all domains in your account
  • Create and delete email aliases
  • Get reports on all email aliases in your account

If you are interested in our REST API and have a trial or full account, you can download documentation PDFs from our help library.

Wish your Web Site Form submissions could turn into PDFs?

Published: April 2nd, 2015

Would you like this work flow?

  1. People fill out forms on your web site
  2. They press “Submit”
  3. You get that submissions as PDFs that looks just like you need them to

It is simple; we find many organizations are looking for this because either:

  • Their people are used to processing documents that look a specific way — and if their web site submissions could look like the forms people are used to … then processing accuracy is improved and change is minimized
  • PDFs are a standard way of saving and archiving documents
  • Maybe you also want to collect a signature on your web form and have the PDF signed

Most web form processing solutions do not have the capacity to produce flattened, custom PDFs from your web form submissions; almost none can also do it securely, in a HIPAA-compliant manner.

Read the rest of this post »

• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 BlackBerry
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries