Since news outlets have reported the extent of the National Security Agency's surveillance activity monitoring U.S. citizens, some consumers may be uneasy about the thought of agents looking over their emails. However, many tech companies have begun to fight back with added encryption techniques. Google, for example, has begun to encrypt all of its traffic between email users, email servers and data centers, .

Users can check the security of a site for themselves by looking at the website's URL. If a website has HTTPS:\ in front of it, than that means it is using encryption to keep hackers from spying on your data.

Google made encryption between data servers a priority after the revelations last summer when it was revealed the NSA kept surveillance on Internet sites like Gmail to read emails.

"Our commitment to the security and reliability of your email is absolute, and we're constantly working on ways to improve," said Nicolas Lidzborski, Gmail security engineering lead.

HIPAA Compliance and Google
Encryption is crucial for keeping data secure in the health care industry, as health companies must comply with privacy rules derived from the Health Insurance Portability and Accountability Act. Google has been making major advances in compliance practices that are specific to the health care industry, . This time, the tech company has added features to its cloud service, allowing for business associate agreements between health care industry users and the Google cloud. Google first added HIPAA-compliance BAAs to its services last year in October, . Google's website indicates it offers BAAs for Gmail, Google Calendar, Google Drive and the Google Apps Vault.

Previously, the Oregon Health and Science University (OHSU) was reprimanded when it stored HIPAA-protected data into Google without signing a BAA. Google has since created a streamlined process for signing a BAA.

The process has Google asking the following questions:

  1. Are you a covered entity (or Business Associate of a Covered Entity) under HIPAA?
  2. Will you be using Google Apps in connection with protect health information?
  3. Are you authorized to request and agree to a Business Associate Agreement with Google for your Google Apps domain?

Google and Email Security
Google is now successfully able to prevent nearly all email account data breaches, according to Dark Reading. It has so far reduced the number of Google account compromises by 99 percent as of last year. According to Mike Hearn, a security engineer with Google, there is a system of risk analysis in place that determines the likelihood that the one signing into Google is truly the person who owns the Google account. This system uses 120 variables and occurs every single time someone logs into Google, whether it is every five minutes or every month.

Leave a Reply