Now Orders sent via email can be encrypted with an electronic signature. These encrypted email messages can only be viewed by an email program that has the corresponding public key to decrypt the message. This feature allows the email orders to be sent orders to the vendor pharmacies over public internet services.
Encryption is needed to be HIPAA compliant for personal health information transferred over public networks to ensure the patient’s privacy.
Some Vendor pharmacies do not have HL7 gateways to electronically received and send Orders. Some prefer to receive the Orders via Email. Sending Email places the patient information on the Internet where it can be viewed by unauthorized individuals in violation of the HIPAA regulations. It is strongly advised to implement secured email technology to guard the privacy of your patients.
Encryption; The security employs PGP encryption which uses public-key cryptography and includes software to bind the public keys to a user name and/or an e-mail address.
The sender creates a Digital Signature (using PGP) for the messages using either the RSA or DSA signature algorithms. PGP computes a “hash or message digest” from the plain text, and then creates a Digital Signature by combining the hash and the sender’s private keys.
Digital signatures; Email uses PGP to support message authentication and integrity checking. The former determines whether the message was actually sent by the person/entity claimed to be the sender. The latter is used to detect whether a message has been altered since it was completed (the message integrity property).