C. Getting a URL Unencryption Key
STEP 1. Create or find your document(s) on your local device.
STEP 2. Using your browser go to https://send.firefox.com
STEP 3. Drag/drop or browse to select your document(s) to upload. (You can send directions in one document file and the actual documents of interest in another file.)
STEP 4. Select 1 download or 1 day (the defaults) to limit the days you document(s) are stored on a public server (again encrypted assuming you password protect them.)
STEP 5. (IMPORTANT) Select a password for your document(s) according to the rules you see below in section B.
STEP 6. Upload your encrypted and password protected document(s) to the public server.
STEP 7. Get a URL with an unencryption key back (an example is on the right).
STEP 8. Send us that 'URL with unencryption key' as well as tell us what password method you used (but NOT the actual password) from the list of alternatives below in a regular email or using our contact us submission web form.
Thanks to one of our patients for this idea.
D. The File Info You Send Us Via Email
E. Remember . . .
Sending us regular email is NOT HIPAA compliant. It is like sending us a postcard where everyone can see your personal information. The best way to send us something securely is not over the internet, but by calling us by phone or using regular postal mail or by sending us a fax.
If you absolutely want or need to send us information securely using an email approach, here's a process that we found that works well. (This approach is completely free and no subscription is required. It is also highly secure and uses AES-128 encryption to encrypt everything on your client device BEFORE it is sent anywhere, provided you follow the directions properly involving the use of a password, so no one can unencrypt your information without both the URL unencryption key you get back from the process as well as the password you use to encrypt the file as explained below. The Mozilla [firefox.com] organization is very reliable and has been around for years.)
A. THE PROCESS
B. Encrypting a file with a password
1. The file URL unencryption key: (e.g., https://send.firefox.com/download/ca019d9aafcdf91e/#TuimJ-YAycol287zcKKypw)
2. The file password method only (NOT the password itself):
(e.g., Method 3 from our list)
As long as you are NOT including the actual password with the URL unencryption key you are sending us, you are good!
This looks complicated but it is actually pretty simple once you walk through it once. The reason your information is secure is that beyond your information being encrypted the password for unencrypting the document is never shared in the clear through the same path that you are using to share the document back to us.
B. SELECTING A PASSWORD
Pick one of the following:
1. call us with your secret string and we will put it into your EMR to use (e.g., myabc#42)
2. use your SSN that we already have on file (e.g., 555-44-1234)
3. use the last four of your phone and the four digit year of your date of birth that we already have on file (e.g., 1234-1970)
4. use the last four of your emergency contact phone and last four of your emergency contact name that we already have on file (e.g., 1234-mith)
5. use your driver's license number (use all caps for letters) that we have on file
6. use your insurance card number (use all caps for letters) that we have on file
7. or use something else (that is not easy to guess) about you that we already have on file
C. SENDING YOU ENCRYPTED INFORMATION
We can also use this same process to send you secure information in reverse if you wish.
If you have questions, reach out to our staff by phone or at either firstname.lastname@example.org or email@example.com for more information.
D. MAKING A SECURE ONLINE CREDIT CARD PAYMENT
If you want to send us a credit card payment by this process, just put your credit card information in a text file (your name or patient id, cc number, mm/yy expiration date and CSV code) along with the payment amount (and billing address if it is different than what we have on file), encrypt the text file through the process above and provide firstname.lastname@example.org the return URL unencryption key from the process and the password method you selected (but again NOT the PASSWORD itself) in a regular email to us. (We will process the payment in a day or so and send you a confirming payment email through our usual channels.)
E. OTHER ALTERNATIVE
If you have PDF encryption software and know how to use it, you can use it in lieu of send.firefox.com. It is much less secure, but can be used in a pinch. Just send us the encrypted PDF file and tell us the password method (NOT the password) from our list in your email. (We are not recommending this approach, but just making you aware of it.)