How to send encrypted email: Lawyers, CPAs and Doctors
Selling the topic “Encryption” to professionals is a bit like the topic “insurance”. Some want it out of fear (which I do not find to be a good motivation for anything in life), some need it by law (like the German health care).
With our crypted.co Outlook encryption Plugin we have developed a tool specifically for professionals, who have to prove that they follow the new GDPR in Europe and (older) HIPAA in the US regulations without creating a hassle when they need to send a message to customers.
They major pain with email encryption is the fragmentation of the market and the lack of a standard.
That lack comes from complexity – especially if you are aware of free encryption solutions like PGP. You have to install software on both sides, exchange keys and establish a trusted channel. That makes no sense for a single Outlook email you need to send to a recipient.
I had my yearly check-up done last week and got my results in a ZIP file from the doctor via email. Password protected.
The message said: “use your birth year, 4 digits, to decrypt”… well, not the best way since my birth year is visible on facebook or LinkedIn, but at least they tried.
Now that process is exactly the little step we want to ease for professionals, who by law have to save their data encrypted and transfer that data to customers in an encrypted message.
I will now email our outlook plugin to my doctor and ask them to test it.
Maybe not such a public key as my birth year! But if you create a standard password for your your message to the recipient that is not instantly visible to the public (first 3 letters of your health insurance company, lower case – could be a good idea in Germany or the first 3 digits of your SSN in the States), the whole thing is one click simple and major security is established!
Can you tell me what the level of the encryption is?
eg: Sesame. AES 256 ?
It is AES128, we want to upgrade with the next release…
The email does not go directly to the doctor… it goes to the doctor’s surgery presumably…
so if the subject line is encrypted, how can they know who exactly it is for?