It is important that all email communication containing PHI is kept confidential. Email leaving the University must be protected so that it cannot be intercepted. To that extent, we've made this process easy for you with ZixCorp protection services. There are no keys to exchange or cumbersome steps to remember. And it works seamlessly with our current email application, so there's no learning curve and no information to transfer.

Emails containing PHI will be sent securely. Recipients will go through a few simple steps to access messages and will also be able to respond securely free of charge.

If you have any questions, please contact the Service Center at 732-743-3200.

FAQs

What is Secure Messaging?

Secure Messaging is the automatic process of:

* Identifying outbound email that contain Protected Health Information (PHI)
* Encrypting the email messages that have been identified as containing PHI
* Sending encrypted email using ZixCorp's Best Method of Delivery™

How is PHI identified?

The content of all outbound messages are scanned and compared against two lexicons, or dictionaries.

* Identifier Lexicon has a criteria of identifier information
[example: Social Security numbers]
* HIPAA Lexicon contains HIPAA terminology
[example: a health condition/disease]

The content of the email message must meet a criteria defined in both lexicons for encryption to occur.

* Example 1: Message will be encrypted if message or attachments contain a Social Security number and a name of a disease.
* Example 2: Message will not be encrypted if message or attachments only include a Social Security number.
* Example 3: Message will not be encrypted if message or attachments only include a name of a disease.

What if PHI is in the subject line?

It is not practical to encrypt a subject line of an email. Therefore, any email messages that contain PHI in the subject line will be rejected and returned to the sender.

What do you do if this happens?

* Review the subject line
* Make necessary corrections
* Resend the email

Why are we implementing Secure Messaging?

With the adoption of the HIPAA, it is required that all communications containing PHI be secured. To help implement this important and practical security measure, we are using secure messaging services to protect our email and ensure all PHI remains confidential.

Sending a Secure Message

If lexicon policies are used exclusively, the encryption process will happen transparently without requiring any user input. Please refer to "What is Secure Messaging?" above for more details.

If you are using ZixMail for point-to-point secure email delivery you may click on the ZixMail button (e.g. Red "Z" in Outlook) in your toolbar to automatically encrypt a message.

However, your organization may have also set up a special keyword encryption policy. In that case, you would just type the specific keyword (e.g. secure or confidential) anywhere in the subject of your email and the content of the email will automatically get encrypted once it is sent. Please contact your secure email administrator to confirm your company's specific keyword.

What if the recipient does not retrieve the message?

If the recipient does not retrieve the message before the expiration date, you will receive an expiration notification email. The original message will be deleted from the secure Web site.