搜索美国
  1. 首页
  2. 服务
  3. JagNet
  4. 安全的消息

JagMail (Google/G Suite) 安全的消息 Features

一般的指导

  • The University HIPAA office 和 the Computer 服务 Center have determined that the following components of the University-contracted G Suite for Education (formerly titled “Google Apps for Education”), when appropriately used, provide the basic  technical 和 contractual requirements for communication of HIPAA protected data:
    • JagMail email (@xiaoren19.com)
    • Google Drive/Google Shared Drives
    • Google Documents 和 Sheets

  • This document does not address the suitability of your business practices with regard to confidential data nor whether you are compliant with HIPAA regulations. 假设 that you have reviewed your practices 和 procedures with the appropriate University offices to determine whether the data in question may 共享 和 with whom it may 共享.

  • These G Suite services may be used in addition to USANAS, the on-campus networked 存储系统. For most offices exchanging information primarily at University locations, USANAS will be the preferred sharing/存储系统.  All faculty 和 staff offices may request access to USANAS. 请联系 helpdesk@xiaoren19.com 寻求帮助.

  • Although the commercial Gmail system shares many technical characteristics with the University G Suite (JagMail), it is not covered by University contract 和 does not meet all University technical 和 administrative requirements for confidential data. It is not approved for PHI or other University confidential data. 用它来 purposes potentially exposes you to personal liability in addition to violating University 政策.

  • Although the JagMail email system meets contractual 和 technical requirements for transmittal of sensitive data including PHI, email is subject to the following concerns:
    • Email can easily be sent to the wrong recipients (or mistakenly forwarded by valid recipients to inappropriate recipients)
    • It is not possible to retract messages once sent.
    • Recipients with auto-forwarding may propagate the message beyond your intent.
    • Email messages persist in sent mail folders 和 may reside on multiple devices, including 智能手机.  It is difficult - if not impossible  - to meet document retention 和 disposal requirements with email.

  • The Computer 服务 Center recommends that whenever possible email be used to 警报 or 通知 but not to transport or convey sensitive information.  (For example, you can place confidential data within a Google Drive 和 use email to provide access links.)

 

安全特性

The following security features are available to all users of JagMail (the @xiaoren19.com/@jagmail.xiaoren19.com G Suite系统.)

 

Dual Factor authentication

All users can activate 2 factor authentication, recommended for everyone, but essential for anyone transmitting or storing sensitive information. 请参阅  JagMail Two Factor Authentication 有关详细信息,. This information can also be found on the main University web server by finding “JagMail Two Factor Authentication” in the A-Z index.

 

Email transmission security features

  • All email between the University @health.xiaoren19.com 和 JagMail systems only over encrypted channels. (also known as Transport Layer Security, or TLS), as does all email between JagMail users.

  • #安全 subject keyword

    For communications outside the two University systems, any user of @xiaoren19.com 或@jagmail.xiaoren19.com may request that email be sent only over an encrypted channel by including the keyword “#安全” in the subject line.

    If the email system cannot deliver over TLS channels, you will receive an error message from the system 和 it will not be delivered. You may then determine whether another method - such as a Google Drive share - is an appropriate alternative.

Google Drive 和 Shared Drives  (including Google Docs 和 Sheets)

  • Access to these services is only over secure, encrypted channels.

  • Google Drive space is "unlimited" for the University G Suite.  

  • 共享选项: 
    • Google Drive permits flexible sharing controls, including limiting access to specific JagMail recipients or to all JagMail users.
    • You can set expiration times on your shares.
    • Files 和 folders can 共享 "to anyone with the link", permitting sharing of data to individuals outside the JagMail system. When used for sensitive data, this should be for a limited period 和 unshared once 传播. 

  • General usage suggestions:
    • Google Drive is tied to an individual user account, 和 is best suited for individual user working files 和 ad hoc sharing.
    • Shared Drives exist independently of individual user accounts 和 are best for shared projects 和 long-term storage.
    • Health System users can be issued accounts to access Google Drive resources upon request.

  • More information is available at  Get Started with Google Drive 和  Get Started with Shared Drives 和 from the Computer 服务 Center/Academic Computing 帮助 Desk at helpdesk@xiaoren19.com