HIPPA password protected zip files

[Ed Bruce]

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

To answer more specifically your HIPAA (I assume that is what you meant) 
question:

If you can set it up I would suggest you don't allow encrypted zip files 
but either use encrypted emails or setup a secure ftp server. Yes I know 
this is easier said then done. I face the same issue with trying to 
communicate with several hundred health providers and the nightmare of 
setting up, let alone teaching them all how to use encrypted email (we 
don't). I'm currently looking at PostX to provide encrypted emails, but 
I just don't trust the interface. Ok, I don't really understand their 
implementation. I haven't found a real technical description yet, mainly 
a bunch of market speak that doesn't give me the warm fuzzies.

I would prefer the two methods I recommend, but most health care 
providers just don't understand email encryption. Took me 2 months to 
set up just one with a major hospital with a professional IT department. 
They actually had to contract out the work to get one of their staff to 
communicate with us using encrypted emails. So I can see why the PostX 
solution will appeal to a lot of businesses that need to be HIPAA compliant.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!