secureline Archives - Page 2 of 5

Posts Tagged ‘secureline’

Does Sending Email Using BCC Make It HIPAA Compliant?

Tuesday, July 13th, 2021

One common misconception is that sending emails to a list of recipients using BCC (Blind Carbon Copy) makes it HIPAA-compliant. For example, a doctor’s office sends a newsletter to its patients using BCC to hide the other recipients. Patients who receive a message sent via BCC cannot see who else received it. Some may think this email does not contain any identifiable information because the individual recipients are hidden. They assume the messages do not contain any “electronic protected health information” (ePHI) subject to HIPAA regulations.

However, BCC is not good enough to protect ePHI.

Read the rest of this post »

Tags: bcc, blind carbon copy, hipaa, newsletter, phi, privacy, secureline
Posted in Business Solutions, LuxSci Library: HIPAA
No comments »

Opt-In Email Encryption is Too Risky for HIPAA Compliance

Tuesday, July 11th, 2017

A majority of companies that offer email encryption for HIPAA compliance allow senders to “opt-in” to encryption on a message-by-message basis. If the sender “does nothing special” then the email will be sent in the normal/insecure manner of email. If the sender explicitly checks a box or types a keyword in the body or subject of the message, then it will be encrypted and HIPAA-compliant.

Opt-in encryption is desirable because it is “easy.” End users don’t want any extra work and don’t want encryption requirements to slow them down, especially if many of their messages do not contain PHI. It is “good for usability” and thus easy to sell.

Cybersecurity opt-in email encryption

However, opt-in encryption is a very bad idea with the inception of the HIPAA Omnibus rule. Opt-in encryption imposes a large amount of risk on an organization, which grows exponentially with the size of the organization. Organizations are responsible for the mistakes and lapses of their employees. Accidentally sending unencrypted emails with PHI is an automatic breach with serious penalties.

Read the rest of this post »

Tags: email, encrypted email, hipaa, hipaa compliance, omnibus, omnibus rule, opt in, opt out, phi, reportable, secureline, unencrypted, usability
Posted in LuxSci Library: HIPAA
No comments »

Are you Minimizing your Risk by using the Next Generation of Opt In Email Encryption?

Friday, September 11th, 2015

We have long held that leaving it to each sender/employee to properly enable encryption for each sensitive message (a.k.a “Opt In Encryption”) is too risky. Why? Any mistake or oversight immediately equals a breach and liability.

Instead, LuxSci has always promoted use of “Opt Out Encryption,” in which the account default is to encrypt everything unless the sender specifically indicates that the message is not sensitive. The risk with Opt Out Encryption is very much smaller than with Opt In. (See Opt-In Email Encryption is too Risky for HIPAA Compliance).

The problem is: many companies use Opt In Encryption because it is convenient when sending messages without sensitive information — you just send these messages “as usual,” without forethought. These companies are trading large risks in return for conveniences.

LuxSci has solved the “Opt In vs. Opt Out” conundrum with its SecureLine Email Encryption Service. You could say that SecureLine enables the “Next Generation” of Opt In Email Encryption — combining both usability and security.

Read the rest of this post »

Tags: breach, compliance, email encryption, glba, hipaa, opt in, opt out, pgp, s/mime, secureline, tls, TLS-Only
Posted in LuxSci Library: HIPAA, LuxSci Library: Security and Privacy
No comments »

Is your Accountant protecting your privacy and identity?

Wednesday, April 15th, 2015

Everyone always harps on the necessity of privacy when discussing health care, government, and banking communications. It is surprising how little attention is paid to email security with regards to accounting and tax preparation. There is a real danger of identity theft, unintended information disclosure, as well as invasion of privacy when using tax preparation services or organizations that do not use secure email. Why is this?

Read the rest of this post »

Tags: accountant, accounting, documents, email, encrypted, identity theft, password recovery, password-protected file, private labeled, quickbooks, secure email, secureline, security, social security number, tax, tax prep, tax returns
Posted in Business Solutions, LuxSci Library: Security and Privacy
5 Comments »

LuxSci’s New WebMail Composer FAQs — How do I …?

Wednesday, July 9th, 2014

To learn about the new WebMail Composer and our ongoing plans for enhancing the LuxSci web interface, see The Beginning of the New Luxsci Interface. In this document, we answer common questions about the new composer; in particular, shedding light on things that are different to help acquaint you with the changes.