FAQ - HIPAA Compliant Email

Security and encryption is enforced without compromise for all the email messages sent using CryptnSend. An SSL (or TLS) session is initiated before login or password information is exchanged and well before any data is transmitted. Server certificates we use are 100% secure using RSA-powered TLS (Transport Layer Security). Email sent will be force encrypted and secured by MDVault to maintain compliance with security regulations. Click here for more information. All messages sent using CryptnSend service are encrypted by default.

CryptnSend service is specifically meant for US healthcare providers. However CryptnSend can be accessed from few other countries in addition to the United States.

For security reasons CryptnSend service is not accessable from some geo locations outside the United Staetes. Please contact us for details.

All those whose security credentials are unknown are “Other recipients”. We strongly recommend to send secure and encrypted email messages these recipients to maintain security and meet compliance requirements.

When a message is sent to “Other Recipient” it is encrypted with industry-standard AES-256 encryption in CBC mode with MD5 hash. This is the same kind of encryption is used by many Banks and Federal agencies around the world to protect their data.

These “Locked Messages” are not delivered to the Inbox of recipient. Instead they are stored in secure server MDVault of CryptnSend. A notification is sent to the recipient informing a secure, encrypted message has been received.

When a locked (encrypted) message is sent, it is stored in our secure server MDVault and just a notification is sent to the recipient, containing a secure weblink. By clicking this link and entering password recipient can log into our secure server, decrypt, view the message, and download attachments if any. In addition the recipient can send secure reply.

Encrypted messages are sent by CryptnSend for security and compliance. These messages needs to be decrypted with a password to view them. It is very easy to send plain messages instead of encrypted messages. Use your regular email account instead of CryptnSend!.

The HITECH legislation is Title XIII of the 2009 American Recovery and Reinvestment act, and can be found here:
http://www.gpo.gov/fdsys/pkg/BILLS-111hr1enr/pdf/BILLS-111hr1enr.pdf

We respect your privacy. We never rent, sell or share client details with anyone.