Signing up for a Hushmail for Healthcare account is the first step toward establishing a secure, HIPAA-compliant line of communication with your clients. The next step is to make sure your clients understand how you’ll be communicating with them through Hushmail. Here are our top four tips to help you launch your email relationship with a new client.
1. Introduce your clients to the private Message Center
One reason why Hushmail is such a good choice for communicating securely with your clients is that they don’t need a Hushmail account of their own to benefit from our encryption. Instead of having to sign up for an account, they’ll read your messages on a private Message Center that’s free for them to use.
We suggest you let them know that this is how you’ll be communicating with them because they’ll need to look for an email with a secure link and then set up a password before they get started. It helps for them to know what to expect. The process goes like this:
When you send your client an encrypted email, your client will receive an email with a link - Read your secure email. That link will take them to a secure web page where they’ll be instructed to create a passphrase (or password). Once the password is saved, your client will be able to securely read and respond to the initial message, as well as any future encrypted messages you send.
After telling them about Hushmail, we suggest you send them the following document to remind them of the steps. You can send it to them in their first email when they get everything set up.
2. Remind your client to remember their password
This tip is included in the above PDF, but you’ll want to emphasize it verbally to your client since it has a significant bearing on how you’ll communicate. It is very important that your client remembers their password. Because this is a secure email service, the Message Center does not allow your client to retrieve their password. They can create a new one, but it will only be good for opening future emails, not the ones you sent before.
If your client forgets their password, it means they've lost the encryption key to open your email, and you'll have to resend the email. This poses an inconvenience to you both. You might want to emphasize to your clients the importance of “remembering” their password either with a reliable password manager or by writing it down and keeping it in a safe place.
3. Consider extending the 14-day message expiration time
As an extra layer of security, messages on the Message Center expire after a set period of time. By default, the expiration period is 14 days. This is a global setting that applies to all the messages you send to all of your clients. However, you can send an encrypted email to firstname.lastname@example.org with your request, and we’ll set it for as long as you specify. Here are a few things to think about if you decide to make this change:
- Consider how important the extra security is to you and your clients. You might decide it’s fine to extend the expiration time years into the future.
- Keep in mind that changing the expiration time applies to all of your clients. You can’t set different times for different clients.
- Do you send many messages with information your clients will want to refer back to? If extra security isn’t an issue, it might be more convenient for your clients to have a continuous record of the emails.
4. Choose a security question carefully
When you compose that first email, you’ll be given the option to come up with a one-time security question that your client will need to answer before they start reading your emails on the Message Center.
The security question is a good way to verify your client’s identity when you make first contact through an encrypted email. We suggest that you discuss the security question with your client or come up with a question they’ll be sure to know the answer to.
Ready to start communicating securely with your clients?
Here are our top four tips to help you launch your email relationship with a new client: 1) introduce your clients to the private Message Center, 2) remind your client to remember their password, 3) consider extending the 14-day message expiration time, and 4) choose a security question carefully.