To meet HIPAA email compliant requirements for secure email transmission, the level of SSL/TLS (Secure Sockets Layer / Transport Layer Security) used must ensure the confidentiality and integrity of Protected Health Information (PHI) in transit. What Does HIPAA Says about TLS and SSL HIPAA doesn’t specify exact SSL/TLS versions, but industry standards — including NIST (National […]
Transport Layer Security (TLS) is a widely used protocol in email security, the other being Secure Sockets Layer (SSL). Both are used to encrypt a communication channel between two computers over the internet. An email client uses the Transport Control Protocol (TCP) – which enables two hosts to establish a connection and exchange data – […]
Email transmission between servers has historically been extremely insecure. A new draft internet standard called “SMTP Strict Transport Security” or “SMTP MTA STS” is aiming to help all email providers upgrade to a much more secure system for server-to-server mail transmission. This article lays out where we are currently in terms of email transmission security […]
SSL versus TLS TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are protocols that provide data encryption and authentication between applications and servers when that data is sent across an insecure network. The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is, in fact, the […]
In a question recently submitted to “Ask Erik,” John asked: “How does sending a TLS-encrypted email sometimes become non-compliant? Lets says I send an email from my Office 365 Business account to a gmail.com account which both support TLS encryption. Is it because I do not know what path and what servers the email has […]
