Billions of emails are sent each day round the world. What most people don’t realise, however, is that email is like a postcard; it can be read by anyone who knows how to access email as it travels from computer to computer across the internet, until it reaches its destination. Thus, the sender must assume that his or her emails are being read by others, just like a postcard.
If you need to send sensitive information, such as a social security number (in the USA, or its equivalent in other countries), sensitive company information, or patient records, you should not include it in the body of the email or as an attachment. There are several alternative solutions:
- Encryption. It is relatively safe to send a password-protected, encrypted file via email. However, the filename should not give any information about the contents (eg, Clinical_Trial_Results.doc). If the file is intercepted, the thief most likely would not be able to unpack it without the password, provided the password is strong (more about that below), but you have just informed or confirmed for the thief that the information of interest is right there in his hands, which would make him work all the harder to crack the password. Emails themselves can also be encrypted.
- FTP (File Transfer Protocol) sites. In general, one cannot assume that an FTP site is secure. Even if the FTP site is secure, transfer to the site may not be; an unencrypted transfer can be intercepted. However, most FTP programs allow the user to perform encrypted transfer. Also, even if the FTP site is insecure, one can still transfer a password-protected, encrypted file.
- Protect your liability. You most likely will have seen language in some emails, along the lines of, ‘This email is intended only for the individual to whom it is addressed. It may contain privileged and confidential information…’, asking readers to disregard the message if they are not the intended recipients, and that the sender is not responsible for any damage caused by sending the email. Check with your institution’s legal department on appropriate language for your emails, which may vary by department.
Use a strong password
Passwords are increasingly susceptible to cracking, but if carefully crafted, they can make it much harder to decode. Microsoft recommends using a password that has eight letters minimum (preferably 14), mixing upper and lower case letters, including at least one number and also, preferably, a symbol. People often use variations on their own name, a pet’s name, or their children’s name(s). However, the password should not contain a word that can be found in the dictionary. Examples of weak and strong passwords are:
- Weak passwords: Fluffy, MyName
- Strong passwords: FluFfy!115, Hamp1on#723
Passwords are most often stolen through ‘phishing’ (ie, an email containing links to fake websites that appear to be legitimate websites, for the purposes of harvesting passwords) and ‘social engineering’ (a collection of techniques used to manipulate people into performing actions or divulging confidential information). In fact, a password is more likely to be phished than cracked.
It’s important to maintain confidentiality of patient records, even if those records are pseudonymised or anonymised for health economics research. Both the American Medical Association and the UK General Medical Council have stated that patient records transmitted electronically fall under the ‘doctor-patient confidentiality’ agreement, and so need to be protected.
If all else fails, remember to close/lock your computer screen when you leave your office!