FiLink Email Encryption Policy Overview
FiLink uses a set of comprehensive policies built on lexicons to scan for sensitive information such as personal health information or personal financial information in electronic messages. Searches are conducted by scanning all message subjects, bodies and text-based attachments for expressions defined within the lexicons.
A lexicon is a file consisting of a comprehensive set of terms, phrases, expressions and pattern masks that identify “sensitive” types of information. Sensitive information is defined as information that could result in liability if disclosed. ZixCorp draws on many sources to generate the lexicon content used to search for sensitive information, including federal regulations, authoritative reference sources on the subject, and “standard of care” practices.
2. Healthcare Policy
The healthcare lexicons are a set of two lexicons, identifiers and health terms, that work together to recognize Protected Health Information (PHI). The lexicons search for PHI by requiring identifying information, as set forth by the Department of Health and Human Services, to appear together with health terms or claims information. This intersection provides the highest level of confidence that the context is related to PHI. An example would be a spreadsheet containing a Social Security number (SSN), date of service, and diagnosis: the SSN and date of service constitute identifiers, and the diagnosis constitutes health information.
To search for potential healthcare content, both of the healthcare lexicons are combined using the following logic:
(Identifiers AND Health Terms)
The identifiers lexicon looks for identifiers indicating official business communications (such as SSNs, Subscriber IDs, etc.).
When used with well-designed policies, the healthcare lexicons can effectively help companies comply with HIPAA legislation by securing email communications that contain PHI. The following are several example messages that would trigger “violations” by the healthcare lexicons. The expressions shown in bold font indicate terms that would trigger violations.
Example #1: (Standard Rule covering official business messages)
From: Sue To: Linda Subject: RE: Shared patient
Linda, Here’s the info you requested on patient Jane Doe, ss# 123456789. She sees Dr. A. at General Hospital. She began tamoxifen approximately 5/15/2002. When he saw her in 2003, he stated that she had been on Tamoxifen for a year. Her last visit was 10/14/2003. No cancer!
Example #2: (Standard Rule covering official business messages)
From: Sue To: Linda Subject: RE: Daily Inpatient Report
General Hospital does have an acute rehab service. Both members are improving considerably with their therapy. Members are Mr. Smith, Mbr Num: 123456 & Mr. Jones, Mbr Num: 234567. They are on a rehab unit.
3. Financial Policy
The Personal Financial lexicons consist of a set of 3 lexicons: Financial Terms, Financial Identifiers, and Credit Card Numbers. These lexicon files are designed to work in combination to recognize “Personally Identifiable Financial Information” as defined by the SEC, FTC, Federal Reserve and FDIC in their final rules on the Privacy of Consumer Financial Information. These agencies are the regulatory arm of the Gramm-Leach-Bliley Act (GLBA). These lexicons are also used for SOX compliance.
The lexicons work in conjunction to recognize the intersection of Financial Identifiers (such as SSNs, account numbers or loan numbers) AND Financial Terms (such as “balance transfer,” “refinance” or “deposit”) OR Credit Card Numbers.
The following logic is used:
(Financial Identifiers AND Financial Terms) OR Credit Card Numbers
When used with well-designed policies, these lexicons can effectively help companies implement corporate consumer privacy policies (legislated by GLBA) by reducing the disclosure of personally identifiable financial information via email. Additionally, they can help reduce liability risk for financial privacy issues such as credit card fraud.
Below are several example messages that would trigger “violations” by the Personal Financial lexicons. The expressions shown in bold font indicate terms that would trigger violations.
Example #1: (Credit Card Match)
From: Sue To: Linda Subject: My Account
Sorry for the delay in getting back to you. Here is my credit card account info: 5403 1500 0001 0000 – MasterCard Exp. Date: 06/2006
Example #2: (Match on Financial Identifier and Financial Terms)
From: Sue To: Linda Subject: Your Account
Dear Miss Jones, We here at Big-Mortgage-Finance Corp. have noticed that you have defaulted on loan #123456. We are happy to assist you however possible. Perhaps an automatic payroll deduction could help you make regular bill payments. Please see the attached account summary and submit payment in full as soon as possible to avoid foreclosure.
Example #3: (Match on Financial Identifier and Financial Terms)
From: Mike To: Daniel Subject: Prepayment Fees
In order to complete the monthly billing, please verify the prepayment fee for the following accounts:
JOHN DOE 111001111 2,630.00
SUE JONES 222002222 4,250.00
Please respond as soon as possible, so we may complete the billing process. Thank you for your assistance.
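The two combination rules above, (Identifiers AND Health Terms) for healthcare and (Financial Identifiers AND Financial Terms) OR Credit Card Numbers for financial content, implemented as an added Python example that is not FiLink's or ZixCorp's code. The lexicons are tiny constructed stand-ins modelled on the page's sample messages, and the card pattern is format-only because the page describes no checksum step.

```python
import re

# Constructed stand-in lexicons modelled on the page's sample messages (FiLink's real files are far larger).
SSN = re.compile(r"\b\d{3}-?\d{2}-?\d{4}\b")
HEALTH_IDENTIFIERS = [SSN, re.compile(r"\b(?:Mbr\s*Num|Subscriber\s*ID)\s*:?\s*\d+", re.I)]
HEALTH_TERMS = re.compile(r"\b(?:tamoxifen|cancer|diagnosis|inpatient|rehab|patient)\b", re.I)
FINANCIAL_IDENTIFIERS = [SSN, re.compile(r"\b(?:loan|account)\s*#?\s*\d{4,}", re.I)]
FINANCIAL_TERMS = re.compile(
    r"\b(?:balance transfer|refinance|deposit|payments?|billing|foreclosure|prepayment fees?)\b", re.I)
# Format-only card pattern: the page describes no checksum step, so none is applied here.
CARD_NUMBER = re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b")

def scan(subject: str, body: str) -> dict:
    """Record which lexicons hit anywhere in the subject or body (attachments omitted here)."""
    text = f"{subject}\n{body}"
    return {
        "identifiers": any(p.search(text) for p in HEALTH_IDENTIFIERS),
        "health_terms": bool(HEALTH_TERMS.search(text)),
        "fin_identifiers": any(p.search(text) for p in FINANCIAL_IDENTIFIERS),
        "fin_terms": bool(FINANCIAL_TERMS.search(text)),
        "card_numbers": bool(CARD_NUMBER.search(text)),
    }

def triggered_policies(subject: str, body: str) -> set:
    """Apply the page's two combination rules and return the names of the policies that fire."""
    hits = scan(subject, body)
    fired = set()
    if hits["identifiers"] and hits["health_terms"]:  # (Identifiers AND Health Terms)
        fired.add("healthcare")
    # (Financial Identifiers AND Financial Terms) OR Credit Card Numbers
    if (hits["fin_identifiers"] and hits["fin_terms"]) or hits["card_numbers"]:
        fired.add("financial")
    return fired

# Constructed samples paraphrasing the page's examples, plus two that must NOT fire (health terms with no identifier; neither).
SAMPLES = {
    "shared_patient": ("RE: Shared patient",
                       "Info on patient Jane Doe, ss# 123456789. She began tamoxifen 5/15/2002. No cancer!"),
    "inpatient_report": ("RE: Daily Inpatient Report",
                         "Members are Mr. Smith, Mbr Num: 123456 & Mr. Jones, Mbr Num: 234567, on a rehab unit."),
    "my_account": ("My Account", "Here is my credit card: 5403 1500 0001 0000 - MasterCard Exp. 06/2006"),
    "your_account": ("Your Account", "You have defaulted on loan #123456. Submit payment in full to avoid foreclosure."),
    "health_no_id": ("Question", "Is tamoxifen usually given for five years? Asking for a patient."),
    "benign": ("Lunch", "Noon at the usual place? Table for four."),
}

if __name__ == "__main__":
    for name, (subject, body) in SAMPLES.items():
        print(f"{name:18} -> {sorted(triggered_policies(subject, body)) or 'no encryption'}")
```

The two negative samples show why the AND matters: a drug name alone, with no identifier beside it, leaves the message unencrypted.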
4. SSN Policy
In the standard lexicon offering, Social Security numbers are used as an identifier, and as such must be accompanied by a health term or financial term in the email before encryption takes place. This lexicon, which has grown in popularity because of pending legislation and the rise in identity theft, instead encrypts any email that contains a Social Security number, even when no health or financial term accompanies it.
5. State Regulation Policy
To assist with compliance with the new Massachusetts and Nevada regulations, FiLink has introduced lexicons that scan for sensitive emails as defined by these laws.
A lexicon is a file consisting of a comprehensive set of terms, phrases, expressions, and pattern masks that identify “sensitive” types of information in emails. Sensitive information is defined as information that could result in liability if disclosed.
The wording of these regulations defines “sensitive” as “personal information,” meaning “a resident’s first name and last name or first initial and last name in combination with any one or more of the following data elements that relate to such resident: (a) Social Security number (b) driver’s license number or state-issued identification card number or (c) financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident’s financial account” (emphasis mine).
Therefore, these lexicons scan for social security numbers, driver’s license numbers, financial account numbers, and credit and debit card numbers.
6. Credit Card Policy
In the standard lexicon offering, Credit Card numbers are used as an identifier, and as such must be accompanied by a health term or financial term in the email before encryption takes place. This lexicon, which has grown in popularity because of pending legislation and the rise in identity theft, instead encrypts any email that contains a Credit Card number, even when no financial term accompanies it, provided a date or card name is present (VISA, MC, etc.).
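The context gate described above (card number plus a date or card name, no financial term needed) as an added Python example, not FiLink's code. The Luhn checksum is a refinement the page does not describe, added here because it is the standard way to keep arbitrary 16-digit strings from being treated as card numbers; the card-number format, date and brand-name patterns and the sample messages are all constructed.

```python
import re

# Format pattern for a 16-digit card number written in four groups (constructed, illustrative).
CARD_RE = re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b")
# The two kinds of context the page names: an expiry-style date or a card brand name.
DATE_RE = re.compile(r"\b(?:0?[1-9]|1[0-2])/(?:\d{2}|\d{4})\b")
CARD_NAME_RE = re.compile(r"\b(?:visa|mastercard|mc|amex|american express|discover)\b", re.I)

def luhn_valid(number: str) -> bool:
    """Luhn checksum over the digits of `number`; a refinement the page itself does not describe."""
    digits = [int(c) for c in number if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # double every second digit counting from the right
            d = d * 2
            if d > 9:
                d -= 9          # equivalent to summing the two digits of the product
        total += d
    return total % 10 == 0

def card_policy_matches(text: str) -> list:
    """Card numbers that trigger the Credit Card Policy: checksum-valid and accompanied by a date or card name."""
    if not (DATE_RE.search(text) or CARD_NAME_RE.search(text)):
        return []  # a bare number on its own does not trigger this policy
    return [m.group(0) for m in CARD_RE.finditer(text) if luhn_valid(m.group(0))]

# Constructed messages; 4111 1111 1111 1111 is a well-known checksum-valid test number.
MESSAGES = {
    "brand_name": "Card on file: 4111 1111 1111 1111, VISA. Thanks!",
    "expiry_date": "Use 4111-1111-1111-1111 exp 06/2006 for the deposit.",
    "no_context": "Order reference 4111 1111 1111 1111 shipped today.",
    "bad_checksum": "VISA 4111 1111 1111 1112 exp 06/2006",
}

if __name__ == "__main__":
    for name, text in MESSAGES.items():
        print(f"{name:13} -> {card_policy_matches(text) or 'not encrypted'}")
```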
7. Policy Accuracy
FiLink goes to great lengths to ensure that lexicons are accurate and precise. This is accomplished through a comprehensive definition and design of the lexicons, coupled with exhaustive manual analysis to ensure that the lexicon results agree with the judgment of the lexicon designers. The following example provides a high-level overview of the design and validation process for the Healthcare lexicons:
- Lexicon designed based on the definition of PHI in the HIPAA regulations
- Jury standard document developed
- Message samples gathered from payors and providers (18,000+ messages)
- Samples manually examined (all 18,000+ messages) using the jury standard document as a reference
- Reference sources identified to ensure comprehensive content (e.g. medical dictionaries, professionally accepted terminology lists)
- Lexicons constructed and run against the sample
- Lexicon results compared to manual results
- Lexicons tuned and rerun against the sample until performance is excellent
- Calculations made for Accuracy, False Negative, and False Positive rates
- Revisions made based on analyses and ongoing customer input
As with all automated analysis tools, there will be a certain percentage of false positives and false negatives. With each new release of the lexicons the accuracy improves, minimizing the occurrence of false readings.