Regular Email Often Violates Existing Regulations
On top of inherent business security risks, use of Traditional Email violates a number of data privacy regulations.
That is why companies and organizations should understand both Email and regulations to avoid penalties, reputational risks, and legal action against its executive officers.
- Emails are transferred in Plain unencrypted text via untrusted 3rd party servers.
- Email servers can make copies of the email content, which stores on these servers.
- Regular Email is impossible to return.
- No access rights - Unauthorized recipients can make backups of email content which leads to data leak.
Fines, Penalties and Legal Actions Against Executive Officers
According to many existing regulations, a company’s executive officers could be personally fined and imprisoned for noncompliance.
EU GDPR
FINE UP TO€20Mor 4% of the worldwide annual revenue whichever is higher.
SOX
UP TO
$5
MILLION IN FINE
UP TO
20
YEARS IN PRISON
HIPAA
FINE UP TO
$250K
PER INCIDENT
UP TO
10
YEARS IN PRISON
GLBA
FINE UP TO
$10K
PER VIOLATION
UP TO
5
YEARS IN PRISON
Challenges and Solutions
Traditional email is a natural opposition to legal compliance, as it violates a number of articles just by sending sensitive data in plain unencrypted text via unprotected email relays.
It offers no means of recalling wrongfully sent emails or controlling how that data will be processed and transferred before landing in the recipient’s inbox.
To meet compliance requirements, consider these challenges:
- Challenge: Ignoring the fact that all sensitive data (electronic health records, credit card numbers, payment history, financial reports, etc.) is transmitted in plain text.
- Solution: StealthMail always encrypts data, whether in transit, in use or at rest.
- Challenge: Lacking confidence that data isn’t being"read" on the server of email providers.
- Solution: StealthMail provides you with exclusive control over the encryption keys and lets you send emails using truly end-to-end encryption.
- Challenge: Lacking confidence that data isn’t being"read" on the server of email providers.
- Solution: StealthMail uses Stealth Link mechanism to transfer data, ensuring no 3rd party has access to its content.
- Challenge: Prevailing internal actors behind data breaches against external ones.
- Solution: StealthMail gives full control over the encryption keys in a bundle with a granular setting of access rights for all employees and C-level executives.
- Challenge: Exposing Regular Email for backups on recipients’ computers.
- Solution: StealthMail’s Recall feature allows you to withdraw, messages you sent to a person you did not mean to or to a person who had forwarded it to other users.
Compliance Acts
StealthMail is an email security and compliance solution that allows organizations to comply with such core regulations.
By implementing compliant mechanisms StealthMail procures organizations with full legality of use of the service in the territory of the country where the company operates. Such an approach significantly decreases the risk of a data breach and allows to control sensitive data sent via email.
GDPR
was developed to regulate the processing of personal data of individuals data subjects inside/outside the European Union.
HIPAA
prohibits the disclosure of a patient’s personal identifying information.
GLBA
regulates policy and technological solutions must ensure confidentiality of customers’ financial data both in transit and at rest.
SOX
was designed to protect shareholders and public companies from accounting errors and fraudulent actions inside the enterprise.
ITAR
controls technical data export, import, and distribution of defense- and space-related goods and services, and all technical data connected with them.
Reg FD
mandates that all publicly traded companies must disclose material information to all investors at the same time.
PCI DSS
is designed to control cardholder data and reduce credit card fraud.
CCPA
regulates the process of how personal data of California residents is handled by organizations.
Benefits
Full Legal Email Compliance
The use of legitimate data encryption ensures compliance with legislation of the country where the company is located.
Email and Attachment Access History
Email senders become content owners, which allows them to see who had access to their emails and when.
Data Protection In Transfer, At Rest, and In Use
Sending encrypted email to the wrong recipients considerably reduces the risk of an accidental disclosure of sensitive information.
Asynchronous Encryption Algorithms
StealthMail ensures comprehensive security of personal information by enhanced enterprise-grade encryption algorithms.
Regular Email for Complaint Email
Employees will continue to use Microsoft Outlook as their primary mail client service - the solution is installed as an add-in
- Get datasheet
