Solving HealthCare’s eMail Security Problem Essay -- essays research p

Solving HealthCares eMail Security botherAbstractWhile health care organizations have come to depend to a great extent on electronic mail, they doso without a significant electronic mail security groundwork. New federal official law and regulationplace stark naked obligations on the organizations to either secure their email systems ordrastic solelyy circumscribe their use. This stem discusses email security in a healthcarecontext. The paper considers and recommends solutions to the healthcareorganizations problem in securing its mail. Because email encryption will soon be acategorical requirement for healthcare organizations, email encryption is discussed insome detail. The paper describes details and benefits of cranial orbit level encryption modeland considers how PKI is best deployed to set up secure electronic mail.MotivationIt is a simple fact that the US healthcare attention has come to depend heavily onelectronic mail to support treatment, payment and general health care operations. Suchuse, though, is something of a badly unploughed secret as most healthcare organizations haveexplicit form _or_ system of government which either prohibits or seriously restricts the use of electronic mail forthe transmittal of any patient classifiable health information. Historically, the industryhas deemed patient identifiable health information as deserving of special protection,since, by its real nature, such information is highly confidential. Accepting the inherentinsecurity of electronic mail, healthcare organizations have done little to developsecurity infrastructure supporting use of electronic mail for confidential communicationand sort of adopted policies forbidding such use. It speaks to the utility of electronicmail, that even in spite of such policy, as much as 40% of all electronic mail emanatingfrom healthcare organizations contains health information. A very dwarfish percentage ofthis email is encrypted or otherwise protected to ensure its confidentiality andauthenticity.Federal law will prohibit future unsecured use of electronic mail for transmission ofhealth information. The Health Insurance Portability and Accountability execute of 1996(a.k.a. Public Law 104-191 a.k.a. HIPAA) obligates healthcare organizations toimplement reasonable and discriminate good safeguards to ensure that theconfidentiality and integrity of health information is preserved. While reasonable andappropriate i... ...tration, 45 CFR Part 142 -Health Insurance Reform Security and electronic Signature Standards FederalRegister Vol 63, No. 155 August 12, 1998 (1998) 43242-43280.universal resource locator http//aspe.hhs.gov/admnsimp/nprm/secnprm.pdf11. Partner, Chris and Glaser, John Myths about Healthcare IT Spending HealthcareInformatics, July 2002URL http//www.healthcare- informatics.com/issues/2002/07_02/myths.htm12. Perigee.net confederacy , Perigee.net (Home Page)URL http//www .perigee.net/main.html13. Ramsdell, Blake S/MIME Version 3.1 Message precondition - draft-ietf-smimerfc2633bis-03.txt January 16, 2003URL http//www.ietf.org/internet-drafts/draft-ietf-smime-rfc2633bis-03.txt14. Dean, T and Ottaway, W. RFC 3182 - Domain Security Services using S/MIME.October, 2001.URL http//www.ietf.org/rfc/rfc3183.txt?number=318315. United States Code, Title 18, Part I, Chapter 119, ingredient 2511URL http//www 4.law .cornell.edu/uscode/18/2511.html16. Whitten, Alma and Tygar, J.D. Why Johnny Cant Encrypt- A Usability Evaluation ofPGP 5.0 Carneigie Mellon University School of Computer Science adept ReportCMU-CS 98-155. December, 1998URL http//www.cs.cmu.edu/alma/johnny.pdf