On 2/15/2015 9:40 AM, Mauricio Tavares wrote:
On Sun, Feb 15, 2015 at 9:12 AM, John <j...@klam.ca> wrote:
A couple of the servers I support are medical offices, and for patient
confidentiality reasons they need to send email out encrypted.
After a lot of discussion they have come to the conclusion that in order to
avoid accidentally sending confidential data unencrypted, all email must be
encrypted.
What they would like is a filter on outgoing email that checks for
encryption and refuses anything not encrypted. They need to err on the side
of caution.

So far Google has not been my friend.

Does anybody know of a way of enforcing encryption, or detecting unencrypted
email?

       Stupid question: is the entire email supposed to be encrypted or
just part of it ("Hi Bubba. Please see attached an encrypted doc
containing an update.")? Also, which encryption did they settle down
on?

--
John Allen
KLaM
------------------------------------------
Support bacteria. They are the only culture some people have.

Why is this a stupid question?
All email sent must be encrypted. They plan on using S/MIME, mainly because it is more common than PGP. The MUAs are a mixture of Outlook and Thunderbird.

There is some discussion as to whether there will be a distinction between support staff, care givers and practitioners. Support staff don't generally have access to sensitive patient data, so might be able to use a common cert. Care givers and practitioners might share certs based upon their "circle of care". All of this is still being discussed.

--
John Allen
KLaM
------------------------------------------
How many of you believe in telekinesis? Raise my hand...

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
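
An added example, not part of the original thread: one way an outgoing filter could tell S/MIME-encrypted mail from everything else is to look at the top-level MIME type and its `smime-type` parameter, treating signed-only mail as unencrypted. The function names and the sample messages are constructed for illustration; the check reads only what the message declares about itself and does not parse the CMS payload.

```python
from email import message_from_string

# Media types S/MIME uses for CMS payloads (RFC 8551, plus the legacy x- form).
PKCS7_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
# smime-type values that mean "encrypted"; signed-data and compressed-data do not.
ENCRYPTED_SMIME_TYPES = {"enveloped-data", "authenveloped-data"}

def is_smime_encrypted(raw: str) -> bool:
    """True only if the top-level MIME entity declares an S/MIME encrypted envelope."""
    msg = message_from_string(raw)
    if msg.get_content_type() not in PKCS7_TYPES:
        return False  # text/plain, multipart/mixed, multipart/signed, ...
    smime_type = msg.get_param("smime-type")
    if smime_type is None:
        return False  # unlabelled payload: err on the side of caution and refuse
    return str(smime_type).strip().lower() in ENCRYPTED_SMIME_TYPES

def filter_verdict(raw: str) -> str:
    """Hypothetical filter decision: anything not provably encrypted is rejected."""
    return "accept" if is_smime_encrypted(raw) else "reject"

HDR = "From: staff@example.org\nTo: lab@example.net\nSubject: update\n"
# Constructed sample messages; the base64 bodies are placeholders, not real CMS.
SAMPLES = {
    "plain": HDR + "Content-Type: text/plain\n\nSee attached.\n",
    "clear_signed": HDR
    + 'Content-Type: multipart/signed; micalg=sha-256;\n'
    + ' protocol="application/pkcs7-signature"; boundary="b1"\n\n'
    + "--b1\nContent-Type: text/plain\n\nSee attached.\n"
    + '--b1\nContent-Type: application/pkcs7-signature; name="smime.p7s"\n'
    + "Content-Transfer-Encoding: base64\n\nQ09OU1RSVUNURUQ=\n--b1--\n",
    "opaque_signed": HDR
    + 'Content-Type: application/pkcs7-mime; smime-type=signed-data;\n'
    + ' name="smime.p7m"\nContent-Transfer-Encoding: base64\n\nQ09OU1RSVUNURUQ=\n',
    "encrypted": HDR
    + 'Content-Type: application/pkcs7-mime; smime-type="enveloped-data";\n'
    + ' name="smime.p7m"\nContent-Transfer-Encoding: base64\n\nQ09OU1RSVUNURUQ=\n',
    "no_smime_type": HDR
    + 'Content-Type: application/x-pkcs7-mime; name="smime.p7m"\n\nQ09OU1RSVUNURUQ=\n',
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:14} {filter_verdict(raw)}")
```

S/MIME encrypts the message body only, so header fields such as Subject still leave the server in clear text even when this check accepts the message.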
