RE: Securing E-mail

[Kelly, Lee]

As for the first scenario there are a variety of secure mail solutions. Most require the mail to be sent to their secure server (on the Internet) and the client can retrieve it from there, but there are some that you install a secure server on your network and the intended recipient accesses the message after putting in a password on a website that is located on your network.   In the case of the ‘gossip hotline’ unfortunately there is not much for easy fixes. You could set up a content filtering solution for all internal mail but the management of this could potentially be a nightmare. One of the best things is in conjunction with the AUP you mentioned is to have a strong, on-going security awareness program. These programs can (and often do) include periodic reminders through flyers, notices in company newsletters, brown-bag type lunches, etc.   Thank You,   Lee Kelly, CISSP Manager, Assessment Services Fortrex Technologies [EMAIL PROTECTED] 1-877-Fortrex - Office 1-301-906-6269 - Cell   -----Original Message----- From: Bill Bernath [mailto:[EMAIL PROTECTED]] Sent: Monday, April 08, 2002 4:33 PM To: [EMAIL PROTECTED] Subject: Securing E-mail   We've talked about our needs to provide reasonable protection for verbal, paper and electronic PHI content.  Another critter we need to wrestle with is how do we handle at least two families of e-mail?  One set is that which is used in a legitimate exchange between ourselves and our business associates and providers.  These audiences will likely have varied levels of security sophistication at their end.  The second group is the internal 'use' by the gossip hotline, where members of the workforce are sharing sensitive stuff with their pals, because they can.....  Other than having a strong personal accountability policy, has anyone considered other solutions?  Thx - b   Bill Bernath Blue Cross Blue Shield of North Carolina Privacy Office (919) 765-7006 [EMAIL PROTECTED] ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address. ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address.