Optometrists and Labs Need Encrypted E-mail

E-mail is awesome because you can send notes, pdf’s, and other files quickly and easily- except when you are a doctor. Since any script kiddie can sniff your e-mail inbox, doctors can’t send e-mails of cornea topographies to labs, referrals to colleagues, or special testing results to patients because that would be a breech of patient confidentiality and a violation of that one unnecessary, burdensome law.

I protect patients by encrypting my e-mail!
I protect patients by encrypting my e-mail!
I’m sure George Q. Public doesn’t want his K-readings leaked to the press when he decides to run for President someday.

But seriously, sometimes birth dates and stuff are printed on the reports, so if doctors want to use this cool, new thing called “e-mail,” we’ve got to set-up our e-mails to have the capability to send and receive encrypted messages and attachments. What does it look like?

hQEQA+fCUifC1JYBEAALBTMH/14qvUP037oLntVx4WGUXl7b4+6NLQVDGNTD
i6zZejhe2/AzCrNB1tLhUU9HNh70e4Wi1eIAj/08QFZvlTZY+F641HR4XsZd
C6yAdvtsL8BCqcI0wJZQLXY7viioJiMz1cZW0w5fD81ld4acFgAi6Fbh9hUg
J3w42fcoE9JdRSnVbrsNrMtO0mBlvGl2lYWzEQYvHA5uPmYLLETiRwLWxBgS
L+ALi1MyvAK4VOoGQ44dmCOpbaKQ7IBG3SOfdDOR0f1ISF6HLm7J4TupVqcP
a4Up+7XoCK7nAZiCHFr4J/IhQ09Xe/7AlU5lBo2A7BlE7tsu9Ouke5bMuM2T
w7ZT9rukaNNXCXuWUCx9TwF3SRbuYen5+htDPzfl8a3JlYLG9DGvQFdD4jM5
WM9HQHce7BqpkHmEInfbvnYM5OI31N3QEvFk5E1OVn508MB+OM4KGK3PPqTi

So your email inbox gets a message that looks like this. You have an e-mail client plugin that you have set up. You input your password, and the message magically translates to:

Dude, isn’t this so cool that not even the government can tell what I’m writing you? Unless…you forward this message to them unencrypted, but I trust you.

You can see this in action on my practice website. To get started and do this you need a few things:

Your practice’s domain name (usually your web host will offer e-mail storage)
or
any e-mail address that you can access via the e-mail client Thunderbird. (ie POP3 or gmail)

Download the following:

  • GnuPG– the free, open source engine that runs encryption. The Windows version is found at gpg4win.org.
  • Thunderbird– a free, open source e-mail client.
  • Enigmail– a free plugin for Thunderbird that makes it easy to make your encryption keys, share your public key, store other people’s public keys, and encrypt/decrypt e-mails. You should read the install instructions for Enigmail.

Make sure when you generate your encryption key password that it is extra long and random. You must assume that anyone could capture it and try to brute force it. If it is long and random, it would be nearly impossible to crack. I suggest keeping your random, long password in a password wallet.

Why not do it?

Barriers to entry:

  • It doesn’t do any good for you to have e-mail encryption if the person to whom you want to e-mail the top-secret K-readings doesn’t have e-mail encryption set up. They must have a public key that they share.
  • I’ve just presented a free way (unless you have a paid practice URL/webhost) to do this, but it does require some tech savvy to download, install, and implement the tools. This way requires the Thunderbird e-mail client. If you use Outlook or something, there are paid solutions out there.

Why do it?

If every doctor would just get in gear with e-mail encryption keys, we could send patient referrals with high quality color photos and reports instead of low res, black and white faxes (usually with a few vertical black lines on the page). We could send the lab a topography. We could send a patient a report or copy of their Rx. We could talk about the stupid government and how we all secretly agree with Glenn Beck, Rush Limbaugh, and Ann Coulter.

The Goatherders at Opto-Rock 2000

So, I was transferring some old files onto a new hard drive and rediscovered this lost gem. Pacific University College of Optometry has a talent show called Opto-Rock. In the year 2000, a few of us then first year optometry students got together and performed a “fusion of music and dance” which won first place and $100 prize.

From left to right we have:
David Langford, O.D. of VisionHealth EyeCare in North Logan, UT
Jared Walker, O.D. of Drs. Gary and Jared Walker in Twin Falls, ID
Nathan Kohler, O.D. of Parkway Eyecare in Shelley, ID
Ben Marske, O.D. of Eye Center of Northern Colorado in Fort Collins, CO
David Graf, O.D. of Valley Vision Clinic in Richfield, UT
Nate Munson, a (buddy) of mine that I roped into doing it.

There is actually an interesting story behind the routine. I was told its genesis was at Continue reading “The Goatherders at Opto-Rock 2000”