Email AI: an evolving guide
by Hoala Greevy Founder CEO of Paubox
Hannah Trum, our Senior Marketing Specialist and host of the HIPAA Critical podcast, asked me to put together some thoughts on what we’re doing in the field of Artificial Intelligence (AI) for Email.
The timing is apt, as we recently released our first Email AI solution, a HIPAA compliant voicemail transcription robot.
Yet as we survey the landscape in August 2021, Email AI remains largely undefined.
Apart from a handful of marketing automation and inbox enhancement tools, Email AI represents a deep blue ocean of opportunity.
What is Email AI?
For starters, a formal definition for AI can be summed up as:
The theory and development of computer systems able to perform tasks that normally require human intelligence. This would include visual perception, speech recognition, decision-making, and translation between languages.
I prefer a more simple definition: AI is whatever hasn’t been done yet.
On that note, there’s obviously quite a bit that hasn’t been done yet when it comes to Email AI.
Let’s dive into some examples while answering Hannah’s questions.
Human Endpoints and the Inbox
While reading “Futureproof: 9 Rules for Humans in the Age of Automation,” I came across the term human enpdoints.
Human endpoints are “people whose jobs mainly consisted of taking directions from a machine or serving as a bridge between two or more incompatible machines.”
In U.S. healthcare, we see an obvious human endpoint indicator, efaxes.
The fax machine is the dominant form of communication in U.S. healthcare. In fact, here’s an easy way to determine it for yourself, ask any healthcare CIO a single question:
“How many faxes did you send last month?”
Either they don’t know because the number is too large to compute or it’s in the millions.
During the pandemic, we witnessed our customers accelerating a long overdue IT project: doing away with their physical fax machines and moving to efaxes, or fax-to-email services.
When these efaxes reach our customers’ inboxes, there is a 100% chance a human endpoint is involved.
In other words, more people in an organization open these efax emails, double-click on an attachment, and manually enter data into another system. It’s boring, rote, and prone to human error. It’s precisely this type of work that’s best suited for robots and automation.
The question then arises, if we are providing email security for our customers by serving as the inbound gateway for their email (via MX record), why can’t we provide workflow automation for their efaxes? That last sentence alone contains enough work to keep us busy for the next five years.
How will Email AI expand the capabilities of Paubox customers?
Last month we learned on a Zoom social mixer about our customers’ need for a secure method of transcribing audio attachments sent by their corporate voicemail systems.
As context, a central tenet of the HIPAA Privacy Rule is that covered entities must have appropriate administrative, technical, and physical safeguards in place to protect the privacy of protected health information (PHI).
In the case of our customers, they were acutely concerned over emails sent from their voicemail system containing audio attachments. More precisely, their concerns lay with the potential of end users opening these attachments in public on their smartphones.
In their opinion, the risk of PHI being overheard in public obligated them to establish elevated safeguards for their respective organizations.
In effect, the question was, “Can you develop something that converts the audio attachments to text instead?”
Keeping with our intense focus on using customer feedback as a roadmap of what to build and when, we instantly knew this was something to act on.
In a nutshell, Paubox Email Suite allows us to provide inbound security and seamless inbound encryption for our customers. We’re able to do this by being the sole MX record for our customers’ domain names. In addition, Paubox Email Suite is HITRUST CSF certified.
With this inbound email security infrastructure in place, we leveraged Natural Language Processing (NLP) to detect and transcribe these audio files on the fly.
We then insert the transcribed text into the message body and securely deliver the email to the end user, leaving the original audio attachment in place.
How do you see the future of Infosec, but especially healthcare, relying on email AI?
Earlier this month we submitted a provisional patent application surrounding our novel work on Zero Trust Email.
As a recap, Zero Trust is an IT security framework that requires strict identity verification for every person and device trying to access resources on a private network.
The philosophy behind Zero Trust security assumes there are attackers both within and outside of the network, therefore no one and nothing should automatically be trusted.
In today’s landscape, the same is also true for email- we can no longer trust email sent from American hosting and infrastructure companies, as they are being abused by bad actors at unprecedented scale.
We therefore chose to focus on multi-factor authentication (MFA) for our implementation of Zero Trust Email.
MFA involves requiring more than one piece of evidence to authenticate a user. For the end user, this is often a piece of information on their phone, either a code sent via SMS or an authenticator app.
For our purposes, we chose to to use MFA not to authenticate a user per se, but a machine.
With Zero Trust Email, we now require one more piece of evidence to authenticate an email is truly legitimate and not a phishing attack cloaked under the guise of a domestic company’s email platform.
This new piece of evidence is unique to each customer and changes based on time and usage. In effect, we employ Email AI to power Zero Trust Email.
I anticipate there will be more innovations in this area, as email is constantly under attack by bad actors.
Will the Delta variant impact Email AI or healthcare security as a whole?
Yes, I believe the Delta variant will continue to accelerate the long overdue digital transformation in healthcare. At what speed it will accelerate is hard to say. But it will speed up, that is certain.
In addition, email attacks will continue against healthcare organizations. As we’ve covered in our monthly Paubox HIPAA Breach Reports, this has been a predictable trend since we first started doing them in 2017.
In our opinion, Email AI lays at the crossroads of both these trends. And we intend to help define it.
See Related: HIPAA Breach Report for August 2021