27 Mar 2012

The Importance of Auditable Proof of Compliance in Email Encryption Services, Reported in Insurance Industry Email Encryption Buyer’s Guide

The Council of Insurance Agents and Brokers, in the 2010 Insurance Industry Email Encryption Buyer’s Guide, identified the most important criteria for compliant email encryption – criteria that hold true today as some of the most important purchase considerations. The Email Encryption Buyer’s Guide selects RPost email encryption as its top choice (for both 2010 and 2011). RPost ranked highest among the providers evaluated against the criteria below, among others.

2010 Insurance Industry Email Encryption Buyer’s Guide
2011 Insurance Industry Email Encryption Services Buyer’s Guide Update

The Council concludes, as its most important point regarding its selection of RPost as its top choice: “Only RPost has a robust mechanism in place to provide an auditable record of precisely what message content (body text and attachments) was in fact sent and received in an encrypted manner to each intended recipient. This is important because, in the case where there is a data breach after the email has reached the recipient (in the recipient’s environment, or after they have passed the information along to others), the sender will need to retain information to prove that the breach did not happen ‘on their watch’ – that they in fact complied with the data security requirements and delivered the information in a compliant, encrypted manner.”

In the 2010 and 2011 Buyer’s Guides, the Council further states:

With heightened enforcement actions by regulators, the key purchase drivers for email encryption services are no longer whether or not the provider’s solution was ‘secure enough’ but how well the provider’s solution will protect from fines in the case of a data breach.