How to mail, encrypt and send information for use by non-technical users?

2

A doctor friend of mine wants to email reports to her patients, but doesn't do so as she only wants it to be viewed by the patient. Any recommendations? I am thinking possible solutions might be:

  1. Encrypted E-mail: Encrypt the email using private/public keys. I think this might be too difficult for the patient recipient.
  2. Encrypted Attachment: Encrypt the file (not the email) using some software and a phrase for the key, and give the phrase to the patient in person or over the phone. The patient (who most certainly uses Windows or Apple and not Linux) would then, however, need to have access to the software.

    I guess a link to download the software would work, but probably not desirable. Do Windows and Apple have this functionality embedded? Or maybe zip it and encrypt it, or wrap the file in some sort of executable that, when clicked, will extract it?

Or maybe something else?

user1032531

Posted 2017-01-12T01:36:41.857

Reputation: 1 331

Question was closed 2017-01-13T02:37:30.197

a) simply send the email, the user already has to authenticate him/herself when getting emails b) set up a webpage with patient based authentication – Ipor Sircer – 2017-01-12T01:40:37.227

If you want to encrypt the attachment, use existing software like WinZip, but any other solution would be more complicated by avoiding doing it right and encrypting the email itself – Ramhound – 2017-01-12T01:43:24.307

@Ramhound And how would a patient on the other end deal with Zip file encryption? In my experience, badly at best. And with passwords being conveyed over the phone? Boy howdy! Mess city! – JakeGould – 2017-01-12T02:04:01.713

You just open the archive. Winzip handles the encryption. I didn't say it was a good idea, but the alternatives, are more complicated the email encryption implementations – Ramhound – 2017-01-12T02:16:21.093

It's extremely likely, if your doctor friend sends patient files by email unless the ENTIRE email is encrypted or will violate HIPAA. The proper way, host the encrypted files, behind an account system, that only allows the patients to access the account. Sending a patient their test results to a google mail account is a horrible idea – Ramhound – 2017-01-12T02:21:43.823

4If you think the recipients will be unable to unzip or decrypt an attachment, then you're basically SOL when it comes to email.  If the doctor doesn't trust email, then don't use email; use a web server, reports in PDF, and logins for the patients. – Ƭᴇcʜιᴇ007 – 2017-01-12T02:32:08.317

Answers

1

  1. Windows Office, LibreOffice and other office suites offer a Save as.. dialog with Password as an option. Save the message as a document with password and attach to the email.

Writer Save As dlg Writer Password dlg

MS Office/Open Office/LibreOffice DOCX all use Microsoft Enhanced RSA and AES Cryptographic Provider (rather than the more-secure Microsoft AES Cryptographic Provider), which provides RSA and triple-DES encryption, but not AES-256 or greater. Thus, DOCX encryption is of only moderate strength, and may or may not be HIPAA compliant.

  2. Compression applications such as 7-Zip and PeaZip offer encryption strength up to AES-256, and can encrypt and compress multiple documents at once, e.g. x-ray TIFF, OV summary DOC etc. This is more secure and also more efficient than using each application's encryption. It is simpler for the recipient, too, who would need to input just one password to open all files in the archive. It has been my experience that the various Zip tools are compatible, as well, even across OS -- for example, 7-Zip files encrypted under Windows OS can be opened in Ubuntu's archive manager.

7-Zip encryption dlg

As you state, the password should be given through a medium other than email, e.g. fax or phone. Best might be to call the recipient after the email is received and stay on the phone to talk through the decryption process.

DrMoishe Pippik

Posted 2017-01-12T01:36:41.857

Reputation: 13 291

Are the Windows Office and LibreOffice compatible, and would they also work with Apple's equivalent? Not everyone has 7-Zip, etc, which might make this difficult, but I think it is a good option. – user1032531 – 2017-01-12T02:03:01.963

LibreOffice can save files in DOC and DOCX formats, so would be compatible. The various Zip tools encryption also seem to be compatible, as well, from my own observations, even across OS -- for example, 7-Zip files encrypted under Windows OS can be opened in Ubuntu's archive manager. – DrMoishe Pippik – 2017-01-12T02:12:23.080

1It's trivial to brute force a Word document password. You have to be sure the document is actually encrypted if you're not using Office to encrypt the document – Ramhound – 2017-01-12T02:51:49.420

Not true for DOCX format, which is PKZIP format and encrypted. Perhaps true for ancient DOC format. Take a look at the same DOCX files saved unencrypted vs. encrypted. – DrMoishe Pippik – 2017-01-12T02:59:16.423
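Both comments above turn on whether a saved file is really encrypted, which a sender can check from the file's bytes before emailing it. The Python sketch below is an added example, not code from this thread; the name `classify_attachment` and all sample byte strings are constructed for illustration, and the PDF test is a heuristic.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # OLE compound file header
ENC_STREAM = "EncryptedPackage".encode("utf-16-le")  # OLE stream names are UTF-16LE

def classify_attachment(data: bytes) -> str:
    """Return 'encrypted', 'plaintext' or 'unknown' for an attachment's raw bytes."""
    if data.startswith(b"%PDF-"):
        # Heuristic: an encrypted PDF's trailer references an /Encrypt dictionary.
        return "encrypted" if b"/Encrypt" in data else "plaintext"
    if data.startswith(OLE_MAGIC):
        # A password-protected DOCX/XLSX is an OLE container, not a ZIP.
        # Legacy DOC/XLS also use OLE and need a real parser, hence 'unknown'.
        return "encrypted" if ENC_STREAM in data else "unknown"
    if data.startswith(b"PK\x03\x04"):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            entries = [e for e in zf.infolist() if not e.is_dir()]
        if any(e.filename == "[Content_Types].xml" for e in entries):
            return "plaintext"  # ordinary, unprotected OOXML document
        # Bit 0 of the general-purpose flag marks an encrypted ZIP entry.
        if entries and all(e.flag_bits & 0x1 for e in entries):
            return "encrypted"
        return "plaintext"
    return "unknown"

def _zip_bytes(name: str, encrypted_flag: bool = False) -> bytes:
    """Constructed sample: a one-entry ZIP, optionally with flag bit 0 set."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, "constructed sample")
    raw = bytearray(buf.getvalue())
    if encrypted_flag:
        raw[raw.index(b"PK\x01\x02") + 8] |= 0x01  # central-directory flags
    return bytes(raw)

# Constructed samples (header stubs, not real patient files).
SAMPLES = {
    "report.docx (no password)": _zip_bytes("[Content_Types].xml"),
    "report.docx (password)": OLE_MAGIC + b"\x00" * 504 + ENC_STREAM,
    "report.zip (no password)": _zip_bytes("report.txt"),
    "report.zip (password)": _zip_bytes("report.txt", encrypted_flag=True),
    "report.pdf (no password)": b"%PDF-1.7\ntrailer\n<< /Root 1 0 R >>\n%%EOF",
    "report.pdf (password)": b"%PDF-1.7\ntrailer\n<< /Root 1 0 R /Encrypt 5 0 R >>\n%%EOF",
}

if __name__ == "__main__":
    for label, blob in SAMPLES.items():
        print(f"{label:28} -> {classify_attachment(blob)}")
```

Formats the function does not recognise, such as a `.7z` archive, come back as `unknown`; treat that as unverified and confirm by trying to open the file without the password.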

0

First you suggest this:

“Encrypt the email using private/public keys.”

Then you suggest this:

“Encrypt the file (not the email) using some software and a phrase for the key, and give the phrase to the patient in person or over the phone.”

The chances of either solution working for average patients is 100% zero. Most people don’t understand what PGP/GPG encryption is and sending an encrypted attachment and then giving a password over the phone is a mess waiting to happen.

That said I think the only solution that could practically work would be an encrypted PDF with password protection. The PDF can be sent as an attachment and a password can be passed along by phone, mail or even email.

But that said you also state this; bold emphasis is mine:

A doctor friend of mine wants to email reports to her patients, but doesn’t do so as she only wants it to be viewed by the patient.

At the end of the day, you can only control how to lock something, but you cannot prevent anyone from seeing the contents if the person on the other side is sloppy with password storage. Meaning, an encrypted PDF is a good solution, but if your patient leaves the password on a PostIt™ note on their desk or prints it out, there is nothing to stop anyone nearby from reading that content.

Of course, that is an expected risk, but thought it would be best to mention it. At the end of the day the best you can hope for is to protect the PDF in transmission from doctor to patient; past that all bets are off.

And FWIW, the HIPAA (The Health Insurance Portability and Accountability Act) does accommodate for the use of emails to communicate with patients regarding their care regardless of the e-mail being encrypted or unencrypted; bold emphasis is mine:

Does the HIPAA Privacy Rule permit health care providers to use e-mail to discuss health issues and treatment with their patients?

Yes. The Privacy Rule allows covered health care providers to communicate electronically, such as through e-mail, with their patients, provided they apply reasonable safeguards when doing so. See 45 C.F.R. § 164.530(c). For example, certain precautions may need to be taken when using e-mail to avoid unintentional disclosures, such as checking the e-mail address for accuracy before sending, or sending an e-mail alert to the patient for address confirmation prior to sending the message. Further, while the Privacy Rule does not prohibit the use of unencrypted e-mail for treatment-related communications between health care providers and patients, other safeguards should be applied to reasonably protect privacy, such as limiting the amount or type of information disclosed through the unencrypted e-mail. In addition, covered entities will want to ensure that any transmission of electronic protected health information is in compliance with the HIPAA Security Rule requirements at 45 C.F.R. Part 164, Subpart C.

Apparently HIPAA Security Rule requirements at 45 C.F.R. Part 164, Subpart C can be found somewhere over here, but I can’t seem to find the specifics.

JakeGould

Posted 2017-01-12T01:36:41.857

Reputation: 38 217

Thanks Jake, I will look into this. I understand your point about sloppy personal security behavior, but not much one can do. Currently, she physically gives the patient the document, but who says they won't place it face up on their desk at work? – user1032531 – 2017-01-12T01:59:17.243

@user1032531 “Currently, she physically gives the patient the document, but who says they won't place it face up on their desk at work?” Exactly. That’s why I said, “Of course, that is an expected risk, but thought it would be best to mention it.” Because the other aspect of the issue you are dealing with is some people’s expectations that technology can magically prevent key aspects of human behavior—such as sloppiness—from manifesting in a process. At the end of the day the best you can hope for is to protect the PDF in transmission from doctor to patient; past that all bets are off. – JakeGould – 2017-01-12T02:02:09.007

1HIPAA laws are extremely strict. – Ramhound – 2017-01-12T02:22:32.450

@Ramhound Good tip! Will edit to add official info on this. – JakeGould – 2017-01-12T02:26:45.180

1The provider generating the report almost certainly asks for certain information from the patient in order to authenticate them before providing treatment, supplying information etc. Most of the time it seems to be just the date of birth, but I'd imagine the provider also has e.g. social security number. They could use that as the password for an encrypted PDF and in clear-text email, tell the recipient to use their SS# as the password. Mention in the email that they'll need Acrobat Reader to open the PDF, and include a link to the Reader installer. – Steve Rindsberg – 2017-01-12T02:53:30.437

@SteveRindsberg You realize that it would be trivial to brute force a password that's simply a social security number? 9 digit password which only contains characters 0-9....Give me 5 minutes and I'll open any document with a random social security number used to encrypt it. 'XXX-YY-ZZZZ'.... – Ramhound – 2017-01-12T02:56:31.780

@Ramhound Good point. So the provider can add a few more bits of information that the recipient will know but that others won't. If the document's to be emailed, I'd choose PDF as the format because it's likely the most widely usable. Making the documents available via download from a secure web site would be even better IF the resources to set up and maintain such a thing are available. – Steve Rindsberg – 2017-01-12T03:07:50.080

Let's just do the world justice and tell somebody that unencrypted email that contains health information is a bad idea even if the attachment is not encrypted – Ramhound – 2017-01-12T04:13:24.360

For doctors who won't mess up with own IT solutions https://www.paubox.com/blog/hipaa-compliance

– Alex – 2017-01-12T05:29:06.967