Welcome to WebmasterWorld Guest from 54.234.244.30

Forum Moderators: phranque

Message Too Old, No Replies

Best way (and cheapest) to encrypt online e-mail form data

Forms contain medical info, are on a Windows server

     
8:04 pm on Jul 14, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Dec 5, 2003
posts:43
votes: 0


We are preparing a site for a dentist who wants to include online patient registration e-mail forms. The info contains personal medical details and of course must be secure. What is the best-- and cheapest-- way to get that info to the doctor's office?
8:56 pm on July 14, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member txbakers is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Sept 1, 2001
posts:4392
votes: 0


I would suggest setting up a secure SSL website for that purpose and a database back end.

Don't send anything like that through the email system.

8:57 pm on July 14, 2005 (gmt 0)

Administrator

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 24, 2001
posts:15755
votes: 0


ssl site as tx mentioned
throw the submitted data into a database
create a secure administration section for the office to access the records
11:01 pm on July 14, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Dec 5, 2003
posts:43
votes: 0


txbakers, jatar_k--

Thanks for the prompt replies. After my above post-- and before I saw your replies-- I had continued to seek answers from additional sources. I found that the search engine that ends in the exclamation mark provided a service that might help. Their rep said that I could host the two email form HTML pages on their site for a reasonable setup fee and suitable monthly fee. I could have the form results go to either a database or an email.

Now, both of you said that the database is the answer.

Then you're both saying that I should opt for the database because even with the secure server there would be security problems with sending an email to the dentist's office? Why is that?

Sorry, but my only experience with this was years ago when I set up a private PGP key to recieve encrypted credit card info to a merchant's email client from their shopping cart.

Do I understand correctly that when the user sends his info to the server that's secure, but when the email goes to the dentist's office is not secure?

Thanks
DeValle

11:08 pm on July 14, 2005 (gmt 0)

Administrator

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 24, 2001
posts:15755
votes: 0


>> Do I understand correctly that when the user sends his info to the server that's secure, but when the email goes to the dentist's office is not secure?

exactly, though the communication between the user and your server is encrypted with https, the email is sent plain text and could be intercepted.

with the db it never leaves that box

>> PGP key

you could do something like that as well, as long as if the email is intercepted there is no way for that person to gain access to a person's personal information.

12:12 pm on July 15, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Dec 5, 2003
posts:43
votes: 0


Thanks jatar_k for the info, this is what I was looking for.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members