Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 319
  • Last Modified:

Secure e-mail with Exchange 2010

Server 2008 with Exchange 2010.

Most users use OWA. Some on Outlook 2007/2010. About 50 users.

Health care org. They want secure e-mail so we don't have to worry about HIPAA compliance when sending info to patients.

I have no idea what is entailed in making Exchange 2010 compliant. Can anyone offer guidance? Will this cost money? Is it going to be extremely time consuming?
0
SECC_IT
Asked:
SECC_IT
  • 4
  • 2
1 Solution
 
Simon Butler (Sembee)ConsultantCommented:
Your question is too open.
Unfortuantely so are the HIPAA regulations.

Someone in the org should be aware of the interpretation of the guidelines for your business. You need to follow those.

It can be as complex as encrypting every email. That isn't cheap and isn't straight forward, particularly for recipients.
You could ban the sending of certain information and then use transport rules to enforce those blocks.

Exchange Hosted Encryoption (which is a paid for cloud service) has HIPPA ruleset that you can use.

Simon.
0
 
SECC_ITAuthor Commented:
I was hoping for more answers. Aren't there any IT admins out there in a healthcare environment that have had to deal with this?

I am the "someone" who is aware of the regulations. According to what I have read, anything that has protected health information (PHI) has to be encrypted.

Anyone else have any help for me?
0
 
Simon Butler (Sembee)ConsultantCommented:
You cannot bump questions on this site.
Once the question has gone from the first page (anywhere between 1 and 4 hours depending on the time of day) then no one else will look at the question.

As far as I am aware, none of the top 10 contributors to the Exchange zone on this site are in the USA, so HIPPA doesn't affect us. You may have better luck on the Technet forums, where there are more American people, or one of the lists.
The Exchange list at My IT Forum is busy and is mainly USA based people posting.
 http://myitforum.com/myitforumwp/services/email-lists/

Simon.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
SECC_ITAuthor Commented:
Thanks - I tend to stump this forum more often than not. Please close this question as "unsolved."
0
 
SECC_ITAuthor Commented:
You cannot have secure e-mail with Exchange without it being a huge PIA - certificates on each user's computer that uses it, certificates on the server, yada yada.

You are better off looking into a hosted solution, such as TrendMicro. They do not host your e-mail, but create a secure environment for your e-mail. There is a downside of the recipient having to go through some steps to read the e-mail, but I believe that once they have downloaded the key onto their computer, they are fine.

Anyway, feel free to close this, O' Geeks of EE.
0
 
SECC_ITAuthor Commented:
Nobody provided me with an acceptable answer. My answer is based upon information I found doing research.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now