Google Cloud Apps Admins

Introduction to Google Apps Message Encryption

Written by Joey Allen (GCP Apps Admin) | September 24, 2015

Companies using Google Apps for healthcare and other industries where privacy is a concern can take advantage of a special encryption feature designed by ZixCorp, an industry leader in email data protection. Google Apps Message Encryption (GAME) is an email encryption solution that operates via the cloud and protects emailed information. It helps companies using Google Apps for healthcare to meet strict HIPAA standards when it comes to sending sensitive Protected Health Information (PHI) by preventing that information from being accessed by outside parties. GAME is already in use by over 30 different Blue Cross Blue Shield organizations and by around 20% of American hospitals. 

Simplicity of Use in Google Apps Message Encryption

Once GAME has been setup and enabled in a client's Google applications, it will work to both inspect and encrypt every outbound email. It's not necessary for users or email recipients to go through extra procedures or enter passwords to deal with email that has been encrypted. The simplicity of the email feature makes it so that companies can enjoy encrypted email that protects PHI without having to put time and effort into special training for employees. 

Taking Advantage of Automated Key Management

Email encrypted via GAME uses key management that is hosted in the industry's largest global directory. Key management is handled through this directory so that IT personnel at companies using GAME for encryption don't have to deal with key management themselves.

With game, key management is automated and handled by a directory with tens of millions of members and counting. This large directory minimizes the chances that expired keys and certificates will create a security breach with centralized distribution among directory members. 

Transparent Email Delivery

When it comes to secure email delivery, transparency is important. GAME scans emails while also figuring out what the best way to deliver email securely is using the Best Method of Delivery. Through GAME, ZixCorp offers Google Apps for healthcare clients bidirectional transparent email encryption. This means that messages are almost always delivered so that no password is needed for the recipient to access files. 

ZixCorp understands that outside parties receiving messages from Google Apps for healthcare users might not be using their encryption platform, so two delivery methods are incorporated into GAME for this situation. These two methods include a "push" and "pull" technology. With the push method, encrypted email messages are delivered with a secure attachment. The pull method involves using a secure portal that can be branded or integrated into the company's corporate portal. The pull method has a mobile-friendly design that's great for companies using BYOD policies to allow their employees to access messages using a mobile device. 

The GAME Facility Protecting Google Apps

GAME operates out of a facility that has a SOC2/SysTrust certificate and SOC2 accreditation. The facility is also PCI Level 1, DSS v2.0 compliant. In addition to this compliance and accreditation, the GAME facility is also monitored 24 hours a day to protect data. The facility has redundant power sources that ensure that data security is not compromised by a power outage. This facility boasts a consistent track record of 99.999% availability.

The Importance of HIPAA compliance and Email

While attaining HIPAA compliance might seem like a simple matter when PHI is handled in-house, sending sensitive data out to an outside recipient via email might create cause for concern among many healthcare managers. Fortunately for Google Apps for Healthcare clients, GAME ensures safeguarding that will adhere to standards set forth in the HIPAA/HITECH Act released in January of 2013. Compliance measures provided by GAME can help healthcare companies to avoid fines of as much as $1.5 million for failure to comply.