Medical and health organizations have a large number of emails need to be processed every day. These emails almost involve many confidential information of patients and partners, but they are all cleartext emails, which are very easy to be illegally stolen and tampered with. This is an email security problem that must be resolved as soon as possible.
To ensure the security and confidentiality of the email, the content of the email itself must be encrypted. To ensure the credibility of the email without being counterfeited, every outgoing email must be digitally signed. To ensure the time of the sent email is credible, every outgoing email must be timestamped.
Medical and health organizations simply change the current email client to MeSign APP to achieve full encryption, end-to-end encryption and fully automatic encryption, as well as fully automatic digital signature and timestamp. If Medical and health organizations think it is not practical to change their email client, then they can deploy MeSign Mail Gateway to encrypt every outgoing email without changing email client.
And we recommend that medical and health organizations can deploy their own cryptographic key management system (KM) to fully control their encryption keys to meet the high security requirements of email security.
Using MeSign for end-to-end email encryption will enable medical and health organizations to truly implement mobile working, which not only meets the urgent needs of mobile working, but also meets the high security requirements for email.
As shown in the following diagram on the left, in order to ensure that the encryption key is highly secure and controllable, medical and health organizations only needs to connect the plug-and-play KM device to the intranet. All staff’s computers and mobile devices must be able to connect to KM device to get the encrypting certificate private key. After successfully obtaining the encrypting certificate, the email encryption can be used normally. KM devices cannot access the Internet and are limited to employee computers and mobile devices access in intranet to ensure the device and private key security. Medical and health organizations can also build their own CA to issue certificate for its users instead of using the MeSign default CA. MeSign provide a plug-and-play CA device that just need to connect to internal network, MeSign APP will get the signing certificate and encryption certificate from this in-house CA system, not from MeSign default CA.
In other words, MeSign encryption solution allows medical and health organizations to achieve complete and autonomous control of confidential emails by simply managing and controlling the encryption key and/or issue the certificate by itself even the application environment is untrustworthy.
Medical and health organizations have a large number of paper documents and forms to be processed every day, such as online registration, patient medical records, doctor's prescriptions, diagnostic reports, test results, medical reports, drug procurement contracts, and the internal documents signing. They have begun to shift to paperless, but the problem is how to ensure that these electronic documents are really issued by medical and health organizations, have not been impersonated or tampered. At present, the only feasible technical solution is to digitally sign all medical and health organization document in PDF with timestamp and send them to users using encryption.
MeSign not only has digital signature automation solution that can help the PDF documents generated by the internal medical and health organization systems to achieve a trusted digital signature with one click, but also has email signature and encryption automation solution to help the medical and health organization systems to send the signed PDF document by encrypted email to users, and completely make the electronic files with reliable digital signature without counterfeiting and make the delivery of electronic files more secure.
As shown in the above diagram on the right, the user handles the medical and health services on the medical and health system and fills in forms online. After completing the forms, the user can sign by hand on the business system or a pharmaceutical company's USB Key certificate and submit it to the medical and health management system. After processing is completed, the management system calls the cloud MeSign eSigning Service system or locally calls the MeSign e-Signature System to sign the PDF file with Adobe trusted certificate. For services that do not require the user to fill in the form (such as prescriptions, medical certificates, test results, medical reports, statements, announcement or notice), the PDF file generated on the management system can be directly called the MeSign eSigning Service to complete the PDF signature.
It is recommended to encrypt all important medical and health documents. System just need to call MeSign public key certificate database (CerDB) to obtain the user's encryption certificate to encrypt the PDF file, the user can seamlessly view the encrypted PDF file using Adobe Reader. The medical and health system sends encrypted emails to users using the user's encryption certificate, ensuring the secure and reliable delivery of various user confidential documents. Users only need to use MeSign APP to decrypt and read the documents.
This solution has four advantages to ensure that all important medical and health documents are trusted paperless and encrypted in delivery: