LA BioMed Secure

Transcription

1 INFORMATION SYSTEMS LA BioMed Secure Los Angeles Biomedical Research Institute at Harbor-UCLA 1124 W Carson St Bldg E2.5 Phone

2 Table of Contents Intended Audience... 1 Purpose... 1 When to Encrypt an HOWTO Send a Secure (a) Method 1 (Most Versatile)... 2 (b) Method What will the recipient see when he/she receives the ?... 5 What will I see if the recipient responds to the encrypted ?... 7

3 Intended Audience LA BioMed employees/volunteers with any variation of a labiomed.org, obgyn.humc.edu or emedharbor.edu address. Purpose This document will show the LA BioMed employees/volunteers how to send an encrypted to an outside organization address such as joe@yahoo.com. When to Encrypt an Anytime Protect Health Information (PHI) is being communicated outside of the organization via . Under HIPAA, PHI is defined as any information about health status, provision of health care, or payment for health care that can be linked to an individual. The 18 identifiers of PHI according to HIPAA 1996: 1. Names; 2. All geographical subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code, if according to the current publicly available data from the Bureau of the Census: (1) The geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and (2) The initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older; 4. Phone numbers; 5. Fax numbers; 6. Electronic mail addresses; 7. Social Security numbers(ssn); 8. Medical record numbers; 9. Health plan beneficiary numbers; 10. Account numbers; 11. Certificate/license numbers; 12. Vehicle identifiers and serial numbers, including license plate numbers; 13. Device identifiers and serial numbers; 14. Web Universal Resource Locators (URLs); 15. Internet Protocol (IP) address numbers; 16. Biometric identifiers, including finger, retinal and voice prints; 17. Full face photographic images and any comparable images; and 18. Any other unique identifying number, characteristic, or code (note this does not mean the unique code assigned by the investigator to code the data) 1

4 HOWTO Send a Secure There are two methods for sending a secure from an LA BioMed address to an recipient outside of the LA BioMed organization. (a) Method 1 (Most Versatile) Prerequisites Any client that is configured to use the LA BioMed servers. Examples of clients include Microsoft Outlook, Entourage, Thunderbird, etc This also includes LA BioMed webmail at and Smart phones that are configured for LA BioMed . Sending a Secure There is only one step to encrypt an and it will work whether you are composing a new , forwarding an , or replying to an . Please note that you will receive a read receipt once the recipient reads the encrypted Type [Secure Message] in the subject of the . See Figure 1. Important: Make sure you type [Secure Message] exactly as it appears above including the brackets. You must include the brackets! Figure 1 2

5 (b) Method 2 Prerequisites Microsoft Outlook 2003 or 2007 running on a 32bit version of Windows XP or Windows Vista. Outlook must be configured to use the LA BioMed servers. You will also need to have the Ironport Outook plug-in installed. Installing the Plug-in 1. Go to Start -> Run on your computer 2. Type or paste \\thor.rei.edu\deploy\ironportplugins-outlook\secure and hit OK. See Figure 2. Figure 2 3. Double click OutlookDesktopFlag_6.5.0_003.msi to install the plug-in and take all of the defaults on the install. 3

6 Sending a Secure Using the Outlook Plug-In This will work whether you are composing a new , forwarding an , or replying to an . Please note that you will receive a read receipt once the recipient reads the encrypted Compose your as you normally would. 2. Instead of clicking Send, click "Secure Message" and your message will be sent securely. Note: Make sure clicking the "Secure Message" button is the last thing you do because it will send your . See Figure 3. Figure 3 4

7 What will the recipient see when he/she receives the ? The recipient of the will receive an with an attachment titled securedoc.html. See Figure 2. They will be required to click and run the attachment which will then take them to the Cisco Registered Envelope Service. See Figure 3. If it s the first time they have been to the Cisco Registered Envelope Service they will need to register by answering a series of questions. See Figures 4 and 5. Any subsequent time they receive an encrypted from LA BioMed, they will just need to sign in to view it. Figure 4 Figure 5 5

8 Figure 6 Figure 7 6

9 What will I see if the recipient responds to the encrypted ? If the recipient responds to your encrypted , you will need to go through the same steps they did. This means if you have not previously registered with the Cisco Registered Envelope Service you will need to do so. Please see What will the recipient see when he/she receives the ? section for details. 7