Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

2 min read

How to verify an email is encrypted

How to verify an email is encrypted

Email encryption is vital for healthcare professionals to safeguard sensitive patient information, maintain privacy, and comply with HIPAA regulations. Here's how to recognize encrypted emails and ensure HIPAA compliance.


The importance of email encryption in HIPAA compliance

Encrypting emails is essential to protect sensitive health information, prevent data breaches, and uphold patient trust. HIPAA compliant email is also crucial to avoid potential fines and ensure the security of patient data.

Transport layer security encryption (TLS)

Transport Layer Security (TLS) plays a crucial role in encrypting emails in transit. TLS safeguards your data as it travels between the sender and recipient, ensuring the information remains confidential and protected from unauthorized access.

Go deeper


However, there's a catch. Both sender and receiver must use the same keys to scramble and unscramble the data. If the receiving machine supports TLS, both computers trade encryption keys and exchange data. 

But what happens when an email recipient doesn't support encryption? 

Paubox has patented its unique email security and encryption approach, particularly when sending emails to addresses that don't support TLS. If a TLS connection cannot be established, Paubox stops your message from being delivered in plain text. Paubox then directs the recipient to the Secure Message Center to view the message safely, in compliance with HIPAA guidelines.


How to verify an email is encrypted and HIPAA compliant

There are several ways to confirm an email is encrypted and secure.


1. Basic visual indicators:

Email clients often display padlock icons or other encryption symbols to indicate the email's encryption status. Paubox includes this in the footer of each secure email. 


footer encryption icon


2. The email headers

The most detailed way to verify an email is encrypted is to look at the email headers. Here's how to view an email header:


Here's what to look for:

A stamp: If you use a service like Paubox to encrypt your email, you'll like be able to see a stamp in the headers to indicate it was secured. In this case, look for the line at the bottom of the header saying:

X-Encrypted-Email: This email was sent using 256-bit AES encryption by Paubox

Here's what it looks like in a header:


verify encryption X


TLS encryption: The "Received" field contains information about the encryption used for sending the email. In the example below, the email has been sent using TLSv1.3 with a cipher suite of TLS_AES_256_GCM_SHA384, which is a secure encryption method.

Note: There's a "Received" line for every step of the email's journey. You'll want to look for the encryption details at each step in the email's journey from the sender to the recipient. That's what indicates it was encrypted all the way along its path from sender to recipient.


How to find these details in the email headers

Email headers are not particularly readable, so here's a tip to quickly find the above details. Just use "Control+F" on Windows or "Command+F" on a Mac and type in "AES" or "TLS," and you'll see the cipher.


verify encryption


These factors indicate that the email is encrypted and has been sent securely.

Note: In the example above, the encryption was 256 bit AES. That's not always the case. It could be 128 bit too, which is also okay. The important thing to note is the presence of "TLS_AES..." at each step.

By checking for the presence of TLS encryption headers in the email, you can confirm the legitimacy and encryption status of the message. Stay vigilant and always ensure the security of the emails you receive to safeguard your personal and professional information.

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.