There term “HIPAA Encryption Software” is pretty generic and can refer to a lot of different encryption products. The key to selecting the right solution for your organization largely depends on your organizations infrastructure. Deploying system wide solutions can be expensive. Many large institutions are able to leverage volume license discounts. Smaller organizations often find themselves somewhat behind the eight ball with regard to paying for the necessary level of encryption software to maintain HIPAA compliance.
We looked at several competing software solutions. The one common thing we noticed right away was that all of them claim to be 100% HIPAA compliant. Protecting confidential records with any new software solution will require some level of training. This is the one area we found to be lacking with a lot of out of the box healthcare security software solutions. While we will not make a specific HIPAA Encryption software recommendation here we do encourage our readers to compare at least four competing companies and then take a serious look at the many open source solutions. Knowing how each company structures there offerings will help you negotiate the best deal for your situation.
Many institutions have incorporated some form of email encryption to facilitation the transmission of PHI and other protected data. Government and industry regulations such as those posed by the Health insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA) offer enough compelling reasons for corporations to increase the security of messages to help meet compliance requirements. Existing solutions (server level encryption, public key infrastructure (PKI), and password-protected files) tend to be expensive and complicated to setup, integrate and to deploy. These solutions do not provide the flexibility, sophistication, or ease of use that corporate users need to deploy e-mail encryption for external communications. These factors combined with the timeline imposed by federal law have sent many IT professionals scrambling for hosted encrypted email solutions.
Some of the most popular email encryption solution and there key benefits are included below.
ZIXCORP – Desktop and policy-based email encryption for regulatory compliance
ZixCorp is the the largest email encryption service provider, ZixCorp protects millions of email addresses including those of some of the nation’s most influential institutions. In fact One of every seven hospitals use ZixCorp for email encryption. ZixCorp’s Email Encryption Service has built-in lexicons that automatically detect and encrypt messages that contain personally identifiable information. It’s invisible to end users and helps prevent accidental transmission of confidential data. ZixCorp’s three main products: Zix Gateway (an Email Encryption Appliance), ZixMail (offers desktop email encryption) and Zix Professional bundle (all that and more).
Google Postini Services
Key Postini email encryption Features
• Protect sensitive data during transmission
• Automatically encrypt messages that contain confidential or protected information.
• Manage Content Policies – Create content based policies to help comply with GLBA, HIPAA, PCI DSS and data privacy regulations.
• Automate encryption – Inspect emails and attachments and apply encryption policies based on content. Use predefined lexicons to enable automatic encryption of policy-controlled content.
• Analyze and document encryption history – Produce reports showing encrypted messages and policy enforcement
Microsoft Exchange Hosted Encryption Service benefits
• Sends encrypted e-mail messages to anyone, regardless of the recipient’s system configuration
• Decrypts and read e-mail with confidence, without installing client software
• Provides strong, automated encryption with a cost-effective infrastructure
• Consistently and automatically helps protect sensitive information and data leaving your e-mail gateway
• Helps manage compliance with security and privacy requirements such as HIPAA and Gramm-Leach-Bliley
• Eliminates need for key and certificate management
• Generates keys on the fly
• Minimizes up-front capital investment
• Integrates with existing e-mail infrastructure
• Helps free up administrator time to focus on other projects