The Importance of Auditable Proof of Compliance in Email Encryption

March 27, 2012 / in Blog, Encryption/Security / by Zafar Khan, RPost CEO

The Council of Insurance Agents and Brokers, in the 2010 Insurance Industry Email Encryption Buyer’s Guide, identified the most important criteria for compliant email encryption, criteria that hold true today as some of the most important purchase considerations. The Email Encryption Buyer’s Guide selects RMail email encryption as its top choice (for both 2010 and 2011). RMail ranked the highest among providers, considering the criteria below among others.

The Council concludes, as most important and with regard to its selection of RMail as its top choice, “Only RMail has a robust mechanism in place to provide an auditable record of precisely what message content (body text and attachments) was in fact sent and received in an encrypted manner to each intended recipient. This is important because, in the case where there is a data breach after the email has reached the recipient (in the recipient’s environment, or after they have passed the information along to others), the sender will need to retain information to prove that the breach did not happen ‘on their watch’ – that they in fact complied with the data security requirements and delivered the information in a compliant, encrypted manner.”

In the Buyer’s Guides 2011 and 2010, The Council further states:

With heightened enforcement actions by regulators, the email encryption services’ key purchase drivers are no longer whether or not the provider’s solution was ‘secure enough’ but are now how well the provider’s solution will protect from fines in the case of a data breach.