What is Proofpoint?
The Proofpoint Secure Email Center is a commercial software service that the University uses in order to comply with the Health Insurance Portability & Accountability Act (HIPAA). Proofpoint prevents Protected Health Information (PHI) from falling into the wrong hands, either through theft or negligence.
Do You Need to Use Proofpoint?
You should only use Proofpoint as a last resort. The preferred method of sharing PHI and other privileged information is through Box Secure Storage.
Avoid sharing PHI via email whenever possible, but Proofpoint is available for situations when email is the only available option to share PHI. Follow the University's policy on E-mail and Protected Health Information in these situations. Typically, these emails are one-time communications with an individual, such as a patient.
Who Can Use Proofpoint?
Everyone in the Business Associate Agreement (BAA) and members of the University of Minnesota Foundation are able to send emails via Proofpoint. Anybody can receive an email via Proofpoint.
Accounts in the BAA are high-security accounts. These accounts include, but are not limited to:
- Most accounts in Health Care Components (HCC)
- Accounts that work with sensitive research data.
- Accounts with access to sensitive personal data of students/staff.
How Does Proofpoint Work?
If you work with PHI, the Proofpoint software allows you to manually encrypt any email sent from your University account.
The message recipient(s) will receive a notification from Proofpoint telling them they have a secure message waiting for them via a secure web link. The link takes them to a Proofpoint website that prompts them to login in order to view the message.
How Do You Use Proofpoint?
For a more in-depth overview and step by step instruction on getting started, see the Proofpoint Secure Email Center: Send & Receive Encrypted Emails self-help guide.