Help Me With HIPAA

Episode 18: Email isn't secure, really, it isn't

Listen Later

Let's review email systems and how they can be secured for ePHI and other sensitive data.

Find Healthcare IT

HIPAA For MSPs

Kardon Compliance

Alston Article on Email Security

 

Notes

Leigh from Florida sent us an email asking for us to explain some more specifics about email. She had been listening to Episode 8: HIPAA Myths Part 2 which mentioned it but she had specific questions how can email be secured. This couldn't be covered in a quick 5 minute HIPAA answer episode so we are doing a whole episode. 

  • How does email work - for "real people" to understand
    • Compare to the post office since that is the way it was originally modeled to match
    • Why that isn't secure at all, really
      • http://www.healthcareitnews.com/news/hipaa-breach-letters-go-out-after-email-hack (article on email hacked and it had patient info in it)
      • open transmissions and many different servers
      • Misconceptions
        • I use a password so it is secure
        • I use https so it is secure
        • I use TLS so it is secure
        • I use updated Outlook with Hosted Exchange so that should be secure
        • Secure email via
          • End to end encryption tools - each party knows the key
          • Messaging system - you get an email telling you to log in to get the secure email
          • Hosted services that allow for specific types of messaging
            • Hosted exchange
            • Plug-in apps
            • Secured internal only messaging systems
              • Very specific set up to secure the mail database on your internal server
              • Controls you have in place to prevent email to other domains outside the secure system (usually software required)
              • Some systems are automatic encryption / others require you to hit a button on the mail to send it secured.

              • Secure messaging systems for internal discussions that don't use email

                • whole new way of communications in forums / chats instead of email

                • Texting also matters but that is a different episode we can touch on it here

                • A word about spear phishing - excellent example this week from a client

                  ...more
                  View all episodesView all episodes
                  Download on the App Store
                  Help Me With HIPAABy Donna Grindle and David Sims
                  • 4.9
                  • 4.9
                  • 4.9
                  • 4.9
                  • 4.9

                  4.9

                  61 ratings

                  More shows like Help Me With HIPAA

                  View all
                  This Week in Tech (Audio) by TWiT

                  This Week in Tech (Audio)

                  3,014 Listeners

                  The Ramsey Show by Ramsey Network

                  The Ramsey Show

                  38,704 Listeners

                  Wait Wait... Don't Tell Me! by NPR

                  Wait Wait... Don't Tell Me!

                  38,649 Listeners

                  Radiolab by WNYC Studios

                  Radiolab

                  43,909 Listeners

                  The Joe Rogan Experience by Joe Rogan

                  The Joe Rogan Experience

                  225,807 Listeners

                  CyberWire Daily by N2K Networks

                  CyberWire Daily

                  1,006 Listeners

                  Juicy Scoop with Heather McDonald by Heather McDonald & Studio71

                  Juicy Scoop with Heather McDonald

                  25,558 Listeners

                  The Jordan B. Peterson Podcast by Dr. Jordan B. Peterson

                  The Jordan B. Peterson Podcast

                  34,045 Listeners

                  This Past Weekend w/ Theo Von by Theo Von

                  This Past Weekend w/ Theo Von

                  27,214 Listeners

                  Darknet Diaries by Jack Rhysider

                  Darknet Diaries

                  7,871 Listeners

                  CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

                  CISO Series Podcast

                  187 Listeners

                  All-In with Chamath, Jason, Sacks & Friedberg by All-In Podcast, LLC

                  All-In with Chamath, Jason, Sacks & Friedberg

                  9,095 Listeners

                  The MeidasTouch Podcast by MeidasTouch Network

                  The MeidasTouch Podcast

                  44,368 Listeners

                  SmartLess by Jason Bateman, Sean Hayes, Will Arnett

                  SmartLess

                  57,908 Listeners

                  The Dr. John Delony Show by Ramsey Network

                  The Dr. John Delony Show

                  7,093 Listeners