What is Secure Messaging?

Secure Messaging is the automatic process of:
  • Identifying outbound email that contain Protected Health Information (PHI), company confidential data, etc.
  • Encrypting the email messages
  • Putting encrypted email messages on ETMC's Secure Email website for storage and pickup by the recipient
  • Sending the recipient a clear text message containing a link to the encrypted message on the Secure Mail website

Why are we implementing Secure Messaging?

Sending an email message across the Internet is about the same as sending a postcard through regular mail – the contents are visible to anyone who cares to look at it. With Secure Messaging messages containing patient health information, company confidential data, etc. can now be protected and are visible only to the intended recipient.


How is confidential data identified?

The content of all outbound messages, including attachments, are scanned and the results compared against several lexicons (a.k.a dictionaries). These dictionaries contain medical and other terminology that is normally associated with personal health information, financial reports, and other company confidential data. A score is then given to the message and, if it is higher than the preset threshold, the message will be encrypted.


What if confidential data is in the Subject Line?

It is not technically possible to encrypt the subject line of an email therefore any messages that contain confidential data in the subject line will be rejected and returned to the sender. You will need to modify the subject line and resend the message for it to go through.

Sending a Secure Message.

For the most part you don’t need to do anything special when sending confidential Internet messages containing PHI or company confidential data as this process is completely automated. But if you want to be sure the message you send is encrypted just put the word ‘secure’ in square brackets into your subject line exactly like this: [secure]

The recipient will receive a notification message that they have a secure email waiting for them. A link within the notification message will allow them to retrieve the message from the ETMC Secure Mail server.


What if the recipient does not retrieve the message?

If the recipient does not retrieve the message within 30 days the sender will receive a notice to that effect and the original message will be deleted from the secure website.