A lot can happen on the digital path from sender to recipient. Attackers are finding more ways to intercept and scan emails for sensitive or confidential information, so it's important to take precautions. To ensure your emails are always private, especially those holding confidential information, you want to protect your cyber presence with an advanced end-to-end secure email encryption. LuxSci's SecureLineTM provides an encrypted and secure solution for emails to be sent from any customer to any recipient. SecureLineTM has been around since 2005 providing a comprehensive, easy-to-use email security solution for mobile devices, desktop applications, and LuxSci's WebMail. SecureLineTM is also HIPAA (Health Insurance Portability and Accountability) compliant, making it the perfect solution for medical and health care professionals sending ePHI in email messages.
HIPAA compliance requires that the transfer of any sensitive or confidential patient health information (ePHI) over the Internet is done securely. Our SecureLineTM email encryption system is designed to do just that. SecureLine seamlessly and dynamically integrates the following modes of secure email transmission to ensure that you can securely communicate with anyone, no matter what email system they have.
HIPAA requirements are extremely vague and decisions on risk, security, usability and applicability are generally in the hands of each individual organization. As such, LuxSci's email security system is uniquely flexible, allowing you to "dial in" where you need to be on the spectrum from high usability to high security.
For those who wish to leverage of the easy of use offered by SMTP TLS as much as possible, LuxSci offers some very unique features:
There are many, many other flexible options in Secureline, including:
When you sign up for HIPAA-compliant email, SecureLine ensures that all email messages sent via SMTP, API, or our WebMail interface are sent securely, while remaining flexible enough to allow exceptions where appropriate for usability. The chart below shows how SecureLine can be adjusted to fit the scope of your compliance.
|Who sends ePHI?||Is non-ePHI sending required?||Solution|
|Never||Full account-wide lockdown. All users are required to send securely. Insecure sending is entirely prohibited.|
|Occasionally for some users||Account-wide lockdown with opt-out enabled. All users are required to send securely, but certain users are permitted to opt-out on an individual message basis. All opt-outs are logged.|
|Occasionally for all users||All users have logins to two separate domains — one for secure sending (typically a subdomain), and one for non-ePHI sending. The secure domain is completely locked down to prohibit non-ePHI sending.|
|Never||Majority of users have logins in a non-HIPAA domain, while the few that send ePHI have logins in a different HIPAA-secure domain (typically a subdomain). The secure domain is locked down to prohibit non-ePHI sending.|
|Occasionally||Majority of users have logins in a non-HIPAA domain, while the few that send ePHI have logins in a different HIPAA-secure domain (typically a subdomain). The secure domain is set to allow opt-outs. All opt-outs are logged.|
Book 1 in the LuxSci Internet Security Series.
Created by Erik Kangas, PhDGet the HIPAA eBook