homepage Welcome to WebmasterWorld Guest from 54.167.179.48
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
Forum Library, Charter, Moderators: phranque

Website Technology Issues Forum

    
Best way (and cheapest) to encrypt online e-mail form data
Forms contain medical info, are on a Windows server
DeValle

10+ Year Member



 
Msg#: 4155 posted 8:04 pm on Jul 14, 2005 (gmt 0)

We are preparing a site for a dentist who wants to include online patient registration e-mail forms. The info contains personal medical details and of course must be secure. What is the best-- and cheapest-- way to get that info to the doctor's office?

 

txbakers

WebmasterWorld Senior Member txbakers us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4155 posted 8:56 pm on Jul 14, 2005 (gmt 0)

I would suggest setting up a secure SSL website for that purpose and a database back end.

Don't send anything like that through the email system.

jatar_k

WebmasterWorld Administrator jatar_k us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4155 posted 8:57 pm on Jul 14, 2005 (gmt 0)

ssl site as tx mentioned
throw the submitted data into a database
create a secure administration section for the office to access the records

DeValle

10+ Year Member



 
Msg#: 4155 posted 11:01 pm on Jul 14, 2005 (gmt 0)

txbakers, jatar_k--

Thanks for the prompt replies. After my above post-- and before I saw your replies-- I had continued to seek answers from additional sources. I found that the search engine that ends in the exclamation mark provided a service that might help. Their rep said that I could host the two email form HTML pages on their site for a reasonable setup fee and suitable monthly fee. I could have the form results go to either a database or an email.

Now, both of you said that the database is the answer.

Then you're both saying that I should opt for the database because even with the secure server there would be security problems with sending an email to the dentist's office? Why is that?

Sorry, but my only experience with this was years ago when I set up a private PGP key to recieve encrypted credit card info to a merchant's email client from their shopping cart.

Do I understand correctly that when the user sends his info to the server that's secure, but when the email goes to the dentist's office is not secure?

Thanks
DeValle

jatar_k

WebmasterWorld Administrator jatar_k us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4155 posted 11:08 pm on Jul 14, 2005 (gmt 0)

>> Do I understand correctly that when the user sends his info to the server that's secure, but when the email goes to the dentist's office is not secure?

exactly, though the communication between the user and your server is encrypted with https, the email is sent plain text and could be intercepted.

with the db it never leaves that box

>> PGP key

you could do something like that as well, as long as if the email is intercepted there is no way for that person to gain access to a person's personal information.

DeValle

10+ Year Member



 
Msg#: 4155 posted 12:12 pm on Jul 15, 2005 (gmt 0)

Thanks jatar_k for the info, this is what I was looking for.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved