Encrypted Email is obsolete. Open Dental now offers Secure Email, the easiest and most secure method to communicate with patients and outside providers via email. Encrypted Email was a previous method for secure communication. While still available, it is complex to set up and is not recommended. The information below is available as a reference but may not be up-to-date.
For Open Dental Secure Email, see Secure Email Setup and Secure Email: Workflow.
Sending and receiving encrypted Email requires both sender and recipient to share public key security certificates (also known as digital signatures). This verifies that sender and recipient are trusted sources. Open Dental supports Standard Encrypted Email and Direct messaging. Both methods require that you obtain an Email Certificate and Install Private and Public Keys on a Workstation.
Note: Setting up encrypted email in Open Dental is similar to setting it up in Microsoft Outlook and Thunderbird.
Standard Encrypted Email
Standard encrypted email is a secure method of exchanging email with trusted sources. Before encrypted email can be exchanged using Open Dental:
- Email must be setup. Email security certificates must be purchased and installed on workstations.
- Both sender and recipient must manually share public key certificates by exchanging digitally signed messages.
See Email Encryption Setup.
How it works:
- In Open Dental, Provider A sends a clear text, unencrypted email to Provider B that contains Provider A's public key. To verify the public key is attached to the email, check the Signed By field on the Edit Email Window. It should contain Provider A's email address.
- Provider B opens the unencrypted email and adds Provider A as a trusted source. In most email programs (e.g. Microsoft Outlook) there will be a notification in the email that the user can click to add a trusted source.
- Provider B replies with an email that contains their public key (digital signature).
- In Open Dental, Provider A opens the Email Inbox. Provider B's email message will have 'N' in the Sig column. Click the N to add Provider B's public key to the list of trusted sources on the workstation.
- Provider A can now exchange encrypted email with Provider B.
The certificate cache is always checked when sending. If a certificate expires, you will need to repeat the steps above with the recipient.
Direct messaging is a method of encrypted email that is intended to simplify the discovery of public key security certificates. Public key certificates are hosted in DNS so they can be discovered automatically using the domain part of the recipient's email address. Direct is used primarily by EHR providers to exchange clinical healthcare data securely with other providers.
Before Direct messages can be sent using Open Dental:
- Email must be setup.
- Email security certificates must be purchased and installed on workstations.
- Public key certificates must be installed on a hosting server for both sender and recipient.
See Email Direct Encryption.
How it works:
- Both Provider A and Provider B install email security certificates on workstations and host public key certificates in DNS.
- Provider A attempts to send an encrypted email to Provider B. A query automatically goes out to discover Provider B's public key certificate. When successfully found, the encrypted email is sent to Provider B.
- Provider B receives the email, and if needed, adds Provider A's public key certificate to his list of trusted sources.
Direct messages can be sent to a provider who does not use Direct (e.g. a non-EHR provider). The receiving provider must become a trusted source by obtaining a digital signature and setting it up on their system. See Email Certificate Outlook for instructions on how to create and setup a digital signature in Microsoft Outlook.