Educause Security Discussion mailing list archives

Re: Secure Email

From: Jason Baack <baack () MAINE EDU>
Date: Mon, 4 Oct 2004 15:46:50 -0400

On a similar vein, the health center at the University of Maine uses a
secure web based application
based out of California, relayhealth.com.

This system allows for secure messages, online pt. history, med
refills, appointment requests and other features.
The patient (student) is emailed via traditional-unsecured email to let
them know that they have messages waiting on the system, and provides a
 https URL for them to log in and manage their information.

More information is here:
http://www.umecut.maine.edu/relay.php

- Jason


On Oct 4, 2004, at 2:16 PM, H. Morrow Long wrote:

Yale is using IDX's "Patient Online" secure web-based
application at both the Health Clinic and the Medical
School Physician's practice (aka Yale Medical Group)
to provide communication between patients and doctors.

You can think of IDX's Patient Online more as a 'secure
patient portal' which contains secure messaging for
the patient rather than just as a 'secure e-mail' system
as it does more for patients than just securely provide
e-mail between patients and their providers.

You can get a sense of what the user interface looks like at:
   https://yalepatientonline.org/YSMWeb/IDXPOL/Home.asp

- H. Morrow Long, CISSP, CISM
  University Information Security Officer
  Director -- Information Security Office
  Yale University, ITS

On Oct 4, 2004, at 1:46 PM, Clonts, Neal D. (HSC) wrote:

We have compliance issues that we are trying to meet.  Are we looking
for the technical solution that will resolve all of our security
issues
with e-mail? Probably not...  Some of the applications that we have
looked at are Sigaba, Zipcorp, Entrust and so on.  Right now we are
more
interested in if anyone is using any type of product for secure email
not the technical specifications of what truly is secure e-mail.

---------------------------------------------
Neal Clonts, CISSP, MCP
Information Security Services
University of Oklahoma Health Sciences Center
Office Phone: 405-271-2476, Option 2
Cell Phone: 405-255-2999
Website: http://security.ouhsc.edu

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Matthew Keller
Sent: Monday, October 04, 2004 11:59 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Secure Email

"Secure e-mail" is a neat myth. I'm assuming you mean end-to-end
encryption via SMTPS for sending and IMAPS/POPS for receiving? Please
keep in mind that this does nothing for "securing" the mail during
storage, nor does it "secure" mail from "non-S" clients that use SMTP
or
IMAP/POP, and transfer that allegedly secured e-mail over the wire(s)
en
claire.

If you're referring to another mechanism, feel free to elaborate.

On Mon, 2004-10-04 at 11:59, Clonts, Neal D. (HSC) wrote:

Currently we are looking at a secure email solution for our campus.
Does anyone currently use a secure email solution in their

environment?

Does your campus environment consist of a health science center?

---------------------------------------------
Neal Clonts, CISSP, MCP
Information Security Services
University of Oklahoma Health Sciences Center
Office Phone: 405-271-2476, Option 2
Cell Phone: 405-255-2999
Website: http://security.ouhsc.edu

**********
Participation and subscription information for this EDUCAUSE

Discussion Group discussion list can be found at
http://www.educause.edu/groups/.
--
Matthew Keller
signat-url: http://mattwork.potsdam.edu/signat-url/
"No one ever says, 'I can't read that ASCII E-mail you sent me.'"

**********
Participation and subscription information for this EDUCAUSE
Discussion
Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/groups/.


**********
Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/groups/.

Jason Baack
Electronic Communications Coordinator
Chief HIPAA Security Official - Univ. of Maine System
Cutler Health Center, UMaine.
baack () maine edu
207-581-4140

This e-mail and any files transmitted with it are confidential and are
intended solely for the use of the individual or entity to whom they
are addressed.  If you are not the intended recipient or the person
responsible for delivering the e-mail to the intended recipient, be
advised that you have received this e-mail in error and that any use,
dissemination, forwarding, printing, or copying of this e-mail is
strictly prohibited.  If you have received this e-mail in error, please
immediately notify Jason Baack by telephone at  207-581-4140.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Current thread:

Secure Email Clonts, Neal D. (HSC) (Oct 04)
- <Possible follow-ups>
- Re: Secure Email Matthew Keller (Oct 04)
- Re: Secure Email Clonts, Neal D. (HSC) (Oct 04)
- Re: Secure Email H. Morrow Long (Oct 04)
- Re: Secure Email Matthew Keller (Oct 04)
- Re: Secure Email Jason Baack (Oct 04)
- Re: Secure Email Jere Retzer (Oct 04)
- Re: Secure Email Jamie A. Stapleton (Oct 04)
- Re: Secure Email Ken Shaurette (Oct 05)
- Re: Secure Email Harold A'Hole (Oct 05)