I am being asked by our human resources department to provide a way for them to have secure email because of HIPAA laws. With other companies, they are seeing things like Secure Envelope Cisco, and PGP Universal Web Messenger.
I've been researching and am having difficulty understanding how this works and what we really need. There are only two employees at this location that need it at this time. In the future there may be more.
1) Is there an actual hardware appliance involved in this, or just software?
2) Can I do this through our Exchange 2010 mail server without an outside vendor needed?
3) Any general suggestions?