Are You Encrypting?
August 20, 2015
Do you send e-mail or other electronic messages that contain or attach sensitive data or information of a client, patient or other third party, such as:
- Any type of health or medical records?
- Bank records, account numbers or other financial information?
- Tax returns or tax-related information?
- Intellectual property or trade secrets?
- Securities related documents or other investment information?
- Social Security numbers, passwords, PINS or other personal identification information?
For most professionals, the answer to the above questions is yes, and on a fairly regular basis. If you are one of those professionals, are you taking reasonably adequate measures to protect against disclosure of such data or information? Do those measures include sending such information electronically through some type of encryption? If not, it’s time to look into utilizing some sort of encryption technology when sending messages or documentation containing sensitive information.
Recent changes to various laws have increased the potential civil and even criminal exposure of various professionals for disclosure of such information. These changes include among others, updates to HIPPA regulations, RESPA, and creation of the Consumer Financial Protection Bureau. Even without the new and existing legal requirements, failure to safeguard sensitive information of others can lead to a lack of confidence, trust or loss of business from clients, patients, customers and vendors. This is true even if the disclosure or breach was unintentional, inadvertent or caused by the intentional illegal acts of others.
Fortunately, there now are relatively simple technologies available that make it easy to send encrypted messages and corresponding attachments. These technologies allow each user to determine for each message whether encryption is necessary and then easily and quickly take the necessary steps. Receiving the encrypted message only takes a few steps and generally is only necessary for the first encrypted message received from the sender. The cost of such encryption technology generally is very affordable and well worth the investment to prevent what could be a catastrophic loss for you, your business or your clients, patients or other third parties.
For example, our firm uses Virtru, which embeds directly into Outlook (and other email platforms) and appears as an on/off icon directly above the send button on new messages. One click and your message is encrypted and it allows you to prevent forwarding of the message, set expiration times and even recall a sent message, for as low as a few dollars per month per user. Installation involves just a few, easy to follow steps. What are you waiting for?