" opt out Archives - LuxSci

Posts Tagged ‘opt out’

When Should You Use An Email Encryption Gateway?

Tuesday, September 14th, 2021

An email encryption gateway is a great way to protect sensitive emails for HIPAA compliance. You probably know just how important encryption is for sensitive data, as well as information that is protected by law, like ePHI. However, embracing these protections can sometimes be challenging. Gateways that rely on opt-in encryption put your company at risk, because employees may forget to encrypt protected health information.

Email encryption gateways like LuxSci’s Secure Connector automatically encrypt all outgoing emails, drastically reducing the risk of breaches caused by human errors.

email encryption gateway

What Is An Email Encryption Gateway?

By default, email is incredibly insecure. Protecting it requires additional effort, and it is easy for employees to make mistakes. The main purpose of an email encryption gateway is to encrypt outgoing emails. Some common ways to trigger encryption are:

  • by using keyword prompts
  • pushing a button or switch to enable encryption
  • using content scanners to encrypt emails according to administrator settings.

LuxSci’s Secure Connector automatically encrypts every email message using TLS encryption for a seamless delivery to recipient accounts. LuxSci’s solution allows you to choose the right type of encryption to suit your email use cases. For example, you may want to send highly sensitive messages like patient lab results using a more secure form of encryption like Portal Pickup to protect patient privacy. Not every gateway can provide that level of flexibility so it’s important to understand how you want to use the tool when shopping for a solution.

When Should You Use An Email Encryption Gateway?

There are several situations when using an email encryption gateways is appropriate. These include:

Email Encryption Gateways For Microsoft 365 And Google Workspace

One of the most useful applications is for businesses that use Microsoft Office 365 or Google Workspace. These extremely popular email platforms do not come automatically configured for HIPAA compliance. To make Google Workspace HIPAA-compliant, you must use a third-party encryption tool to secure your emails. Microsoft Office 365 has an encryption add-on option, but it can be difficult to configure and cumbersome for your email recipients.

LuxSci’s own email encryption gateway Secure Connector works with both Google Workspace and Microsoft Office 365 and is simple to configure. All it requires are LuxSci smart hosting accounts for your Google or Microsoft users. For example, if you have 20 users for your company’s domain in Microsoft, you would simply need LuxSci accounts set up in the same domain for those 20 users.

Once the user accounts are configured and smart hosting is enabled in Google or Microsoft, the outbound email for all of these users will flow through LuxSci’s Secure Connector. Every outbound email will be automatically encrypted, without the user noticing or having to do anything. This setup can help your organization meet its HIPAA obligations without having to switch email hosting providers.

Email Encryption Gateways Can Solve A Wide Range Of Problems

While one of the most popular uses of LuxSci’s Secure Connector is for automatically encrypting outbound email for Google and Microsoft, this has much to do with the ubiquity of these services, rather than the limitations of email encryption gateways.

LuxSci’s Secure Connector can also solve the following problems:

  • An ISP does not allow your mail server to send outbound email, or limits the number of outbound emails to a set quantity. Secure Connector gives you a way to circumvent these limitations and send more emails.
  • Your Exchange Server can’t send email directly for your organization, Secure Connector provides another means to do so.
  • If an outbound email system does not support SMTP authentication, Secure Connector can perform the authentication instead. It supports username and password authentication, which can help to keep your organization secure.
  • Your IP address has a poor reputation and your outbound emails are filtered out as spam by the recipients. Secure Connector can help to stop this from happening.
  • You want to hide your mail server’s IP address. With Secure Connector, your mail server’s IP address can be hidden. This helps prevent mail from being blocked by recipients.
  • Archive your outbound emails.

Is LuxSci’s Secure Connector The Ideal Email Encryption Gateway for Your Organization?

If your company needs an email encryption gateway to automatically secure all of its outbound email, LuxSci’s Secure Connector is the only choice. Our opt-out approach to email encryption sets us apart from other companies. It is a HIPAA-compliant solution that supports multiple types of encryption to increase security for highly sensitive emails. Contact our team now to learn more about how Secure Connector can help solve your problems.

High Volume Bulk Email: Key Ingredients for Good Deliverability

Tuesday, August 3rd, 2021

How do you ensure your bulk emails have good deliverability?

Deliverability is key to anyone sending bulk emails like newsletters, announcements, or triggered notifications. As a provider of secure bulk email services, we constantly advise customers on how they can avoid having legitimate messages marked as spam and ensure that they are not blacklisted. In this article, we consolidate our advice for everyone’s benefit. Some tactics for good bulk email deliverability include: ensuring you have a good mailing list, maintaining your mailing list, email message content, and reputation management techniques like SPF, DKIM, and IP anonymization.

bulk email deliverability

Read the rest of this post »

Opt-In Email Encryption is Too Risky for HIPAA Compliance

Tuesday, July 11th, 2017

A majority of companies that offer email encryption for HIPAA compliance allow senders to “opt-in” to encryption on a message-by-message basis. If the sender “does nothing special” then the email will be sent in the normal/insecure manner of email. If the sender explicitly checks a box or types a keyword in the body or subject of the message, then it will be encrypted and HIPAA-compliant.

Opt-in encryption is desirable because it is “easy.” End users don’t want any extra work and don’t want encryption requirements to slow them down, especially if many of their messages do not contain PHI. It is “good for usability” and thus easy to sell.

Cybersecurity opt-in email encryption

However, opt-in encryption is a very bad idea with the inception of the HIPAA Omnibus rule. Opt-in encryption imposes a large amount of risk on an organization, which grows exponentially with the size of the organization. Organizations are responsible for the mistakes and lapses of their employees. Accidentally sending unencrypted emails with PHI is an automatic breach with serious penalties.

Read the rest of this post »

Are you Minimizing your Risk by using the Next Generation of Opt In Email Encryption?

Friday, September 11th, 2015

We have long held that leaving it to each sender/employee to properly enable encryption for each sensitive message (a.k.a “Opt In Encryption”) is too risky.  Why? Any mistake or oversight immediately equals a breach and liability.

Instead, LuxSci has always promoted use of “Opt Out Encryption,” in which the account default is to encrypt everything unless the sender specifically indicates that the message is not sensitive.  The risk with Opt Out Encryption is very much smaller than with Opt In.  (See Opt-In Email Encryption is too Risky for HIPAA Compliance).

The problem is: many companies use Opt In Encryption because it is convenient when sending messages without sensitive information — you just send these messages “as usual,”  without forethought.  These companies are trading large risks in return for conveniences.

LuxSci has solved the “Opt In vs. Opt Out” conundrum with its SecureLine Email Encryption Service.  You could say that SecureLine enables the “Next Generation” of Opt In Email Encryption — combining both usability and security.

Read the rest of this post »

Email Encryption Opt Out Now Available for Outlook and Other Email Programs

Friday, December 7th, 2012

A few weeks ago, we introduced the option for users in security-enabled accounts (such as users subject to HIPAA compliance requirements) to determine for themselves which messages need to be encrypted and which do not.  See: HIPAA Compliant Email – You Decide Which Messages Need Encryption

The  “SecureLine Opt Out” feature was then only available to users of our web-based email interface.  Now, the “SecureLine Opt Out” feature is also available to:

  • Premium Mobile Sync users on mobile devices
  • Customers using SMTP from mobile devices
  • Customers using SMTP from most email programs (e.g. Outlook, Thunderbird, Mac Mail, etc.)
We have also enhanced Opt Out to enable administrators to have more control over who can and cannot opt out of SecureLine email encryption.
LUXSCI