Email Encryption Options

Sending and receiving encrypted Email requires both sender and recipient to share public key security certificates (also known as digital signatures). This verifies that sender and recipient are trusted sources. Open Dental supports Standard Encrypted Email and Direct messaging. Both methods require that you obtain an Email Certificate and Install Private and Public Keys on a Workstation.

Note: Setting up encrypted email in Open Dental is similar to setting it up in Microsoft Outlook and Thunderbird.
Topic Open Dental Resources Microsot Outlook Resources Thunderbird Resources
Get and Install a Digital ID Email Certificate

Email Certificate Install

Get a Digital ID Creating PGP Keys
Exchanging Digital IDs Email Inbox, Adding Trust Add a Digital ID to your Contacts Sending and Receiving Public Keys


Standard Encrypted Email

Standard encrypted email is a secure method of exchanging email with trusted sources. Before encrypted email can be exchanged using Open Dental:

See Email Encryption Setup.

How it works:

  1. In Open Dental, Provider A sends a clear text, unencrypted email to Provider B that contains Provider A's public key. To verify the public key is attached to the email, check the Signed By field on the Edit Email Window. It should contain Provider A's email address.
  2. Provider B opens the unencrypted email and adds Provider A as a trusted source. In most email programs (e.g. Microsoft Outlook) there will be a notification in the email that the user can click to add a trusted source.
  3. Provider B replies with an email that contains their public key (digital signature).
  4. In Open Dental, Provider A opens the Email Inbox. Provider B's email message will have 'N' in the Sig column. Click the N to add Provider B's public key to the list of trusted sources on the workstation.
  5. Provider A can now exchange encrypted email with Provider B.

The certificate cache is always checked when sending. If a certificate expires, you will need to repeat the steps above with the recipient.

Direct Messaging

Direct messaging is a method of encrypted email that is intended to simplify the discovery of public key security certificates. Public key certificates are hosted in DNS so they can be discovered automatically using the domain part of the recipient's email address. Direct is used primarily by EHR providers to exchange clinical healthcare data securely with other providers.

Before Direct messages can be sent using Open Dental:

See Email Direct Encryption.

How it works:

  1. Both Provider A and Provider B install email security certificates on workstations and host public key certificates in DNS.
  2. Provider A attempts to send an encrypted email to Provider B. A query automatically goes out to discover Provider B's public key certificate. When successfully found, the encrypted email is sent to Provider B.
  3. Provider B receives the email, and if needed, adds Provider A's public key certificate to his list of trusted sources.

Direct messages can be sent to a provider who does not use Direct (e.g. a non-EHR provider). The receiving provider must become a trusted source by obtaining a digital signature and setting it up on their system. See Email Certificate Outlook for instructions on how to create and setup a digital signature in Microsoft Outlook.