The emails that extendedReach sends and receives support SSL/TLS encryption, as it is the standard and virtually universally supported. It provides in-transit encryption to prevent access to the email and its contents. KCare uses LuxSci to send secure messages. For more information about the HIPAA-compliant services KCare has with LuxSci, refer to this webpage.
If your email domain accepts forced TLS, emails will be delivered directly to your email inbox. If your email address is not secure or your email domain does not accept forced TLS, you will need to retrieve your messages by logging into the extendedReach SecureLine Message Escrow service.
You can check to see if your email domain allows forced TLS using this tool: https://luxsci.com/smtp-tls-checker
Tips for using this tool:
1) Be sure to only enter your email domain in the box, no "www." and nothing before or including the "@" of your email address.
2) Toggle the radio button to "On" for "Don not show the results publicly."
3) Click the "Analyze Domain" button
Viewing the Results
If the email domain accepts forced TLS, you will see the green message:
If the email domain does not accept forced TLS, you will see the red message:
Emails sent from the extendedReach system to email addresses that are not secure (or don't allow forced TLS) will need to be accessed using the extendedReach SecureLine Message Escrow service. Instructions for how to access these messages can be found here: extendedReach Email Security Gateway (extendedReach SecureLine Message Escrow service)
The email notifications that extendedReach sends, can be setup and configured under Administration » Organization Settings » Email Alerts (Active). You can control whether these contain PHI or not with the settings, depending upon if recipients of the alerts are using a TLS email server.