" email archival Archives - HIPAA News, Web & Email Security Tips & News - Plus More | LuxSci

Posts Tagged ‘email archival’

LuxSci’s 2016 Advancements – The Year in Review

Saturday, December 31st, 2016

LuxSci has been really busy in 2016!  Besides migrating customers from McAfee due to the “end of life” of their filtering and archival services, keeping up with the changing security landscape, and replacing our Enterprise Server Environment with a newer, faster, more scalable, and more secure private cloud, LuxSci has been hard at work adding new features and extending existing services in the directions most requested by our customers.  Here are some of the highlights.

Read the rest of this post »

Email Archival is Better than Ever: Migration Plan for Old Customers

Thursday, June 16th, 2016

For the past five months, new customers who have purchased email archival from LuxSci have been getting the excellent archival services of our new partner, Sonian.  LuxSci changed archival partners after it was announced that McAfee’s email filtering and archival services were at their “end of life.”

The new Sonain service has turned out to be vastly superior to that which was available through McAfee. In the end, everyone will be able to take advantage of a superior archival solution.  This article discusses some of the benefits of Sonian Archival, as well as how we are migrating old customers from McAfee to Sonian and what they should expect.

Read the rest of this post »

Are you encouraging insecurity via your Web site contact and intake forms?

Friday, April 15th, 2016

Many Web sites have “contact us” pages and other Web forms for receiving requests from existing or potential customers.  This includes “new patient intake” forms on the Web sites of healthcare providers.

 

The garden variety Web form suffers from several serious problems:

  • Spam – Getting unwanted form submissions from Web robots.
  • Privacy – Often, sensitive data is submitted insecurely through these forms.
  • Archival – You may need an archived record and backup of all submissions.
  • Notices – You may need to be alerted of form submissions, even if you are not online.

Proactive privacy vs. neglect of privacy

When your Web forms transmit data insecurely, store or send data insecurely, or otherwise to do not treat the data submitted with the level protection that it deserves, you are putting the users of your forms at risk.

The typical argument is that “it is up to the user of the forms to decide if they want to submit sensitive information.” In fact, many insecure forms even have disclaimers requesting people to not submit sensitive information if they have concerns … and then the forms go on to ask lots of sensitive questions.   Especially without a disclaimer, but even with one, the form is actively soliciting people to submit their information insecurely and requesting them to take risks with their private data.   This is not good.

In areas such as healthcare, where these forms are often collecting sensitive health data (protected health information – PHI), the fact that an organization solicits the submission of PHI through insecure, non-HIPAA-compliant means is far from a “best practice”.  Why?

Read the rest of this post »

LuxSci as SMTP Relay for Gmail = LuxSci Encryption for Google

Monday, June 8th, 2015

Gmail and Google Apps users can route their outbound email through LuxSci to take advantage of SecureLine email encryption, which enables HIPAA compliant sent messages, plus LuxSci’s extensive outbound email management tools.  If you prefer the Google interface or need to use it for some reason, but require encryption and/or compliance, you can meet your needs by adding on LuxSci.

Google Apps

Read the rest of this post »

Interview with Mason Rothert, CEO of Mediprocity our partner for SecureChat

Friday, February 20th, 2015

Mason Rothert is the CEO of Mediprocity, the company that we have partnered with and worked closely with to provide LuxSci SecureChat.

Mason Rothert & Nicholas Magers conceived Mediprocity while working together in the healthcare field calling on physician offices and healthcare provider centers. At the time, Mason Rothert was working as V.P. of Sales and Technology for a management company overseeing long-term care facilities and a full range therapy company. Nicholas Magers was finishing up his MBA at USC and working for a pulmonary company as a sales director. They decided to combine forces in order to solve the fragmentation of communication amongst covered entities and business associates in healthcare. They would focus on the new technologies available as well as the growing need to encrypt patient health information in order to prevent data breaches.

Mediprocity begin in 2009 as a social network for healthcare.  The Company culture has always been to be physician-centric and to help improve communications.  As smartphone and text messaging popularity grew rapidly, it was clear in 2010 that Mediprocity needed to become a simple secure solution for HIPAA-compliant communication.  They set out to combine the best elements of instant messaging, SMS text, and Email.

LuxSci has integrated the Mediprocity secure communications product into its offering and is continuing to work closely with them to integrate the SecureChat service more and more tightly with LuxSci’s SecureLine secure emailing offerings.

Mason has agreed to this interview so that we can answer many common SecureChat-related questions for you.

Read the rest of this post »

Can you access copies of all email messages sent and received by your employees?

Monday, December 15th, 2014

As an email service provider, we are constantly asked by business owners to retrieve email messages received or sent by specific employees last month, last year, or many years ago.  The reasons are numerous and include:

  • Contractual disputes requiring proof of exactly what was said, and by whom
  • Inappropriate employee behavior requiring proof of what was said or done
  • Accusations of harassment requiring exact copies of the messages in question for analysis
  • Important business information or data that may have been sent and subsequently lost or deleted and now needs to be retrieved

It’s a good hypothetical to consider: what would happen if your organization suddenly needed copies of all email correspondences between two people from, say, two years ago?

It turns out that in many cases, such requests are made in vain. 

Read the rest of this post »

5 Things Everyone with HIPAA Email Should be Doing

Monday, August 25th, 2014

Ok — So you have “HIPAA Compliant Email” because you just signed up with a company that says they handle that.  One thing checked off of your “to do” list and on to the next.

Well, not so fast.

HIPAA is a complex beast, as you are probably already aware.  Just signing up for a service that claims to be HIPAA compliant does not mean that you are done.  You may need to:

  1. Learn nuances of what you can and can’t do in order to remain compliant
  2. Train yourself and your staff on these nuances
  3. Make sure that you have purchased all of the things needed by your organization for your particular compliance goals
  4. Ensure that you have set things up properly with your systems and at your new vendor

Here are some of the top things that everyone who has HIPAA-compliant email really should be doing:

Read the rest of this post »

Email Archival is Required by HIPAA

Thursday, September 19th, 2013

Email ArchivalCustomers constantly inquire if Email Archival services are really required by HIPAA regulations.  There is a great deal of confusion and uncertainty here because:

  1. HIPAA by its nature is vague, listing many things that you need to do, but not saying how.  This makes things flexible and workable, if ambiguous.
  2. Email Archival generally adds cost to any email solution — and everyone prefers to avoid unnecessary costs.
  3. Most want to do the minimum needed for compliance due to time and budgetary constraints.

In our opinion, Email Archival is an implicit requirement of HIPAA for all organizations that utilize email for the sending or receipt of ePHI should invest in.  In the next section, we’ll review why.

Read the rest of this post »

Understanding Email Services: A crash course in email jargon

Tuesday, July 23rd, 2013

You thought email was a simple concept, but you are at once confronted with a plethora of acronyms and jargon like POP, IMAP, WebMail, Aliases, Forwards, SMTP, IMAP, POP, Quota, SPAM, TLS, SSL, Archival, and more! This article describes the ins and outs of email, explains these terms, and helps you figure out what services and features you need from your personal or business email service provider.

Read the rest of this post »

Best Practices: Accessing and Monitoring Staff Email

Monday, June 24th, 2013

The following situations or requirements are all very common to small and medium-sized businesses:

“We have travelling sales people who need to be able to access all their emails online.”

“We have users whose inbound/outbound email needs to be reviewed or accessible by management.”

“We have users who need to access the same email folders or addresses all of the time.”

These kinds of situations usually require

  1. Storage of lots of email, and
  2. Shared access to that email

In this article, we discuss some of the best ways to meet these needs and what things to avoid.  In short, the answer is to use shared email folders combined with email archival for maximum redundancy and reliability.  For what this means and why, read on:

Read the rest of this post »