secure, HIPAA-compliant e-mail service
August 1, 2008 9:44 AM   Subscribe

I need a recommendation for a secure, HIPAA-compliant, e-mail server for a small law firm.

I'm an attorney at small law firm (4 attorneys and 3 staff). E-mail is absolutely crucial to our practice and our in-house server keeps crashing and our tech people can't seem to fix it. We're fed up and looking at possibly hosting our e-mail off-site. However, we need the server to HIPAA-compliant (we represent health plans) and we need to have the mail encrypted so that we have some assurance that our e-mail won't be turned over if the the outside server receives a subpoena. My concern is that much of our e-mail consists of confidential, privileged communications and I don't want some outside server responding to subpoena before we get a chance to fight it in court. Reliability and 24/7 service are also crucial. Any ideas?
posted by bananafish to Computers & Internet (1 answer total) 3 users marked this as a favorite
Get the provider to sign and agreement that they will (1) inform you of any subpoena issued to them within 3 days; (2) that they will not turn over materials before you are given a chance to move to quash.

You're essentially not trying to prevent them from turning over the E-mails via encryption, you are trying to make it impossible for any of the E-mails from being read if they are turned over. The subpoenaing party could get some computer expert to beat your encryption. You'd have no chance to stop that.

I'm no expert on electronic discovery, but that's what I would think.

You might seek out off-site storage firms that cater to the needs of law firms.
posted by Ironmouth at 9:58 AM on August 1, 2008

« Older Girl to the North Country   |   How to buy Rock Band replacement part? Newer »
This thread is closed to new comments.