Welcome to WebmasterWorld Guest from 54.196.238.210

Forum Moderators: phranque

Message Too Old, No Replies

Best way (and cheapest) to encrypt online e-mail form data

Forms contain medical info, are on a Windows server

     

DeValle

8:04 pm on Jul 14, 2005 (gmt 0)

10+ Year Member



We are preparing a site for a dentist who wants to include online patient registration e-mail forms. The info contains personal medical details and of course must be secure. What is the best-- and cheapest-- way to get that info to the doctor's office?

txbakers

8:56 pm on Jul 14, 2005 (gmt 0)

WebmasterWorld Senior Member txbakers is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I would suggest setting up a secure SSL website for that purpose and a database back end.

Don't send anything like that through the email system.

jatar_k

8:57 pm on Jul 14, 2005 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



ssl site as tx mentioned
throw the submitted data into a database
create a secure administration section for the office to access the records

DeValle

11:01 pm on Jul 14, 2005 (gmt 0)

10+ Year Member



txbakers, jatar_k--

Thanks for the prompt replies. After my above post-- and before I saw your replies-- I had continued to seek answers from additional sources. I found that the search engine that ends in the exclamation mark provided a service that might help. Their rep said that I could host the two email form HTML pages on their site for a reasonable setup fee and suitable monthly fee. I could have the form results go to either a database or an email.

Now, both of you said that the database is the answer.

Then you're both saying that I should opt for the database because even with the secure server there would be security problems with sending an email to the dentist's office? Why is that?

Sorry, but my only experience with this was years ago when I set up a private PGP key to recieve encrypted credit card info to a merchant's email client from their shopping cart.

Do I understand correctly that when the user sends his info to the server that's secure, but when the email goes to the dentist's office is not secure?

Thanks
DeValle

jatar_k

11:08 pm on Jul 14, 2005 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



>> Do I understand correctly that when the user sends his info to the server that's secure, but when the email goes to the dentist's office is not secure?

exactly, though the communication between the user and your server is encrypted with https, the email is sent plain text and could be intercepted.

with the db it never leaves that box

>> PGP key

you could do something like that as well, as long as if the email is intercepted there is no way for that person to gain access to a person's personal information.

DeValle

12:12 pm on Jul 15, 2005 (gmt 0)

10+ Year Member



Thanks jatar_k for the info, this is what I was looking for.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month