New Release: Email Security Awareness Training- Empower your team to proactively combat email threats with easy-to-launch phishing simulations and assessments Learn More
New Release: Email Security Awareness Training- Empower your team to proactively combat email threats with easy-to-launch phishing simulations and assessments
Learn More
Simplifying Email Encryption : NRHC

Simplifying Email Encryption : NRHC

Mark Liapustin Mark Liapustin
May 2, 2023

Who is Northeastern Rural Health Clinics?

NRHC is the largest provider of outpatient care to Lassen County. We currently provide over 50,000 patient visits per year, covering primary care, obstetrics, urgent care, dental services, health/nutrition/childbirth education, and the Women, Infants, and Children (WIC) program.

Being a health provider, NRHC is mandated by Health Insurance Portability and Accountability Act (HIPAA) to protect PHI (Protected health information), including data collected through email, fax, or mail.

For the last 12 years, NRHC has extensively leveraged fax machines and eFax technology for patients to send forms and communicate with third parties, including insurance companies, healthcare professionals, and doctors.

Competitive Displacement With Trustifi

NRHC previously deployed ZIX and Microsoft to help provide email encryption solutions integrated into their messaging workflow to begin the transformation from legacy fax machines to secure email. While these solutions at the time came highly recommended, NRHC discovered several challenges, including:

  • Very complex rules wizard to help secure emails
  • The time to set up
  • The cost to maintain the solution was more expensive than initially budgeted.
  • When defining policies and rules, the console is prone to human error.
  • Very difficult for end-users to encrypt and decrypt messages from patients and external doctors, including securing email attachments.

Trustifi Solution

  • Lower Cost Solution with ease-of-use
  • Management console straightforward to navigate
  • Encrypting emails with a single click
  • 100% success in encrypting all outbound messages, including attachments.
  • Faster end-user adoption

“Trustifi was the easiest security solution to adopt in my twelve years in IT. We previously used Zix and Microsoft, which were hard to use,” said Jacobb Sullens, Information Systems Manager for NRHC.

The Risk of Legacy Fax Encryption Solutions

NRHC relied on a secure fax solution to help address several HIPAA compliance-related issues for patient data security. Healthcare providers like NRHC leveraging secure fax solutions rely 100% on the carriers to encrypt all transmissions. Another reality in secure fax solutions is the security problem of the documents ending up on the wrong fax machine, exposing patient medical information.

If the documents and the other content become unsecured and exposed, The Department of Health Human Services, under the HIPAA Privacy Rule signed into law on April 14, 2003, will trace the sending fax back to the originating document, and this entity will be held responsible for the breach and the fines.

Under this privacy rule, every incident costs the entity responsible for the data breach $50,000 per incident. If the entity committed three more similar data breaches in a chain, the fine could increase to $150,000.

Do You Know if Email Needs to be Encrypted to Meet HIPAA Compliance?

Encrypting emails is a good practice for HIPAA compliance, even if not required. HIPAA’s standards are helpful for broader compliance. Preparing for future privacy and security law changes is essential as regulations become more stringent worldwide.

Although HIPAA rules do not mandate email encryption, it is mandatory to safeguard ePHI. If ePHI is transmitted via email, it should be kept secure using the latest encryption standards.

Why is Email Encryption Important to NRHC?

Patients need the ability to send their health information to hospitals, insurance carriers, and healthcare providers. Large healthcare systems have created secure web portals to meet the mandate for HIPAA-compliant email services protecting PHI data to make it easier to communicate with their doctors and gain access to their medical records.

Many smaller medical providers need a secure way to communicate and exchange patient information. Email encryption became the preferred method of communication and archiving for e-discovery. All email messages and attachments must always be safe. NRHC is accountable for its patients’ data protection, privacy regulations, and compliance governance.

NRHC Decision to Move Ahead with Trustifi Email Encryption

Jacobb Sullens, information systems manager for North Eastern Health, recognized the challenge of complying with HIPAA data protection mandates while delivering IT security solutions to the entire organization.

The Trustifi team, including sales, engineering, and customer success teams, quickly developed a strategy to meet and exceed Jacobb’s complex challenge of securing all emails and attachments outbound from the NRHC email platform to their patients.

“My team is 100% responsible for all the data at rest or in transit, any HIPAA or PII data. We need a secure, affordable, easy-to-use email encryption solution for our entire organization,” said Jacobb.

Understanding the Client’s Needs, First

With the adoption of electronic medical records and the need for greater patient accessibility, NRHC discovered several Northern California health providers, including the UC Davis, Sutter Health, and the University of California San Francisco health systems, using more email encryption than traditional fax machines and eFax solutions.

“We noticed a trend last two years, UC Davis and UC San Francisco moved away from secure fax solutions, ultimately reducing the need to shred documents. These large healthcare systems turned their focus toward email encryption,” said Jacobb.

Jacobb and his teams approached The Global Mail Security provider, Trustifi to address their security concerns. NRHC had no other way to control, restrict and monitor all emails. Trustifi empowered NRHC with their advanced AI email security platform to adopt a variety of security adaptive controls, including these integrated layers of protection:

  • Inbound Email Protecting, including antispam, anti-malware, and domain spoofing.
  • Outbound Email Protection, including email encryption and data loss prevention.
  • Easy-to-use management console
  • Email Archiving
  • Executive Notification and HIPAA Compliance Reporting
  • Quick ramp-up and end-user adoption

“Trustifi was the easiest security solution to adopt in my twelves years being in IT,” said Jacobb.

Why Trustifi?

Healthcare providers, insurance companies, and medical practitioners rely on Trustifi’s cloud-based platform to deliver the needed capabilities to protect their users from all email security attacks and encrypt outbound messages. The company produces one of the most comprehensive advanced AI email security platforms on the market, with features that offer value, protection, and scale.

As a global cybersecurity provider of both inbound and outbound email protection, Trustifi currently supports customers from countries including the USA, Canada, Brazil, the Dominican Republic, the UK, the Netherlands, India, the UAE, China, and Japan, Cyprus, the Philippines, and more. The company has also developed “One-Click Compliance” capabilities that cater to world security regulations, including PDPO for Hong Kong, POPI for South Africa, GDPR for Europe, and LGPD for Brazil.

Customer Quote

Jacobb Sullens provided the key to his decision, “Trustifi is what we have been looking for a while–ease of use and price did it for us; every dollar has to be spent wisely and efficiently. We don’t have a huge budget, and Trustifi delivered with exceptional value and expertise to solve our email encryption challenges.”

Related Posts