Table of Contents:
- Gmail Confidential Mode
- Google and HIPAA compliance
- Is Paubox compatible with Gmail Confidential Mode?
This week we got an email inquiry from an eyecare center in Ottawa, Canada. In their email, they told us they were seeking a HIPAA compliant email solution that could work in conjunction with Gmail's Confidential Mode.
Their question to us was:
Is paubox compatible with Google Workspace confidential mode features? For instance, if I want to enable email expiry (i.e. after six months) via Google Workspace confidential mode, can I do so with the email also encrypted via paubox?
This post will discuss whether Paubox is compatible with Gmail Confidential Mode or not.
Gmail Confidential ModeOn a 7 March 2019 blog post, Google announced support for Gmail Confidential mode for Google Workspace users. In a nutshell, Gmail Confidential Mode offers to protect sensitive content in emails by creating expiration dates, revoking previously sent messages, and removing options for recipients to forward, copy, print, and download. There are caveats to this approach, however:
- Confidential Mode is not available on mobile phones (70% of all email is now read/sent on mobile)
- You can can still take a picture or screenshot of the confidential message or attachment
- Requires senders to "make a choice" on every email if it should be secured or not - increasing the risk of accidentally sending a message that's not secure if no third-party encryption is used (like Paubox)
- The user experience for recipients outside of the Gmail or Google Workspace ecosystem is cumbersome and clunky. It's another portal-based approach where they must click on a link and login to view the message.
Nevertheless, Gmail Confidential Mode may prove to be a viable solution for some organizations. It is also important to note that previous editions of the Google Workspace HIPAA Implementation Guide has stated that PHI should only be sent in protected Google Drive links, not in the body of the email. They have not yet updated their guide to state if the new Confidential Mode is covered under their BAA for sending PHI in the body of the email.
READ MORE: How to Encrypt Gmail
Google and HIPAA compliance
We've previously discussed how Google (aka Alphabet) is willing to sign a Business Associate Agreement with organizations that face HIPAA compliance requirements. If you are a Gmail user with an @gmail.com email address however, Google does not offer a BAA for Gmail accounts.
READ FULL ARTICLE: How to Make Gmail HIPAA Compliant
Is Paubox compatible with Gmail Confidential Mode?
Yes, Paubox Email Suite works in conjunction with Gmail Confidential Mode. The two solutions coexist with each other and do not conflict or cancel each other out.
Conclusion: Paubox is compatible with Gmail Confidential Mode.