Increase utility and comply with HIPAA & HITECH Safe Harbor

ZSentry connects. Anyone, any device, anywhere, securely, better.

ZSentry is a bit different. ZSentry does not store your password anywhere and works two-way with whatever solution you use. This means that your ZSentry-secured solutions will feel exactly like what you use today on the desktop and phone, and your recipients' solutions will also benefit from your use of ZSentry and yet feel exactly like what they use today. For example, using any mix of email, webmail and SMS (texting). And you can do secure back-and-forth with multiple recipients each using their own platform, even if they are not ZSentry users, send and receive attachments, store files securely, and much more.

ZSentry works with the devices people already own and love, with no changes for anyone while everyone gets more value from what they have. When you or your organization use ZSentry, you immediately get more utility and usability with certified HIPAA and security compliance for your apps and services across every platform. Your correspondents also get the same benefits, at zero added cost, with FREE Secure Read & Reply for your recipients.

With ZSentry, your data is protected by end-to-end encryption, onsite, online, and at rest. The user and not ZSentry or your provider holds the keys. ZSentry was tested and is certified by the U.S. government as a Health IT EHR Product providing ARRA, HIPAA and HITECH compliance; also complies with Safe Harbor, GLBA, SOX, and other regulations.

Experience yourself and learn more about how ZSentry looks and works in your devices, desktop and phone, and all that you can now do securely, anywhere. Click to get your FREE trial»

Zmail^™ (ZSentry Mail^™) is the secure Mail function of ZSentry^™ (NMA trademarks since 2001).

With cloud services and Google Apps, anything with HIPAA-protected information that people send, save, share or use (including Mail, Drive, Docs, Spreadsheet, Texting, Projects, and Calendar) has to be encrypted or it will break HIPAA compliance.

The problem is that someone could hack into your cloud account, or read copies on their servers that “who knows who can access”.

The same can happen if you are sending or sharing information online, your phone is lost, or desktop security is breached.

ZSentry solves these problems by enabling users to send, text, save, and share ZSentry encrypted messages in all desktop and phone platforms. The user and not ZSentry or your provider holds the keys.

You do not need to use fragmented solutions. You can use only ZSentry in all platforms, for example with Google Apps, Outlook, iPhone, Android, and Outlook, for more benefits and cost savings. For a list of the top five reasons customers tell us they choose ZSentry, touch The Top Five »

How it works with Google Apps: You just have to send the file or email through ZSentry, to encrypt.  Access to Google Apps does not change. The encrypted file in Google Apps (including Mail, Drive, Docs, Spreadsheet, and Calendar) will have the access controls that you choose when sending the file using ZSentry.  You can then store and share documents encrypted with ZSentry in Google Apps (including Mail, Drive, Docs, Spreadsheet, and Calendar), and they can be retrieved for decryption without Google scanning.

For example, ZSentry lets you store information encrypted in Google Calendar and this can be automated by IT through the ZSentry API, or can be done manually, all in an easy way.

In the site, you can find tutorials in PDF for specific devices and apps (for example, iPhone and Mail app, Google and Outlook), and get specific documents such as the HIPAA BAA.

However, there are ever so many new devices and apps out there, and more BYOD users, while ZSentry is so interactive with whatever users have, that an introductory data sheet in PDF format would be already outdated and too flat to show what ZSentry can do.

We solve this in a more elegant and efficient way. We provide an always up-to-date, interactive ZSentry "data sheet" in web format (also faster & safer than PDF), using your own device (whatever that device may be). You can get one by simply requesting our Free Trial »

The approval time takes a couple minutes. There is no credit card requested. You can test it with live user-controls for 15 days, see how each screen looks and works in any device, and use the included Secure Quick Reply to see how ZSentry also helps your users.

No. ZSentry works with your current email address, Inbox and app.

You receive secure messages directly, without ZSentry intervention, at your regular mail Inbox. You can use any mail provider without any changes, including Google Apps, Gmail, Microsoft 365, and Yahoo Mail.

You can send, read and reply with any choices of desktop Mail client, cloud app, web browser, and phone. After decryption, you can also save messages locally (for example, in your hard drive or USB stick), which helps allay privacy concerns when using cloud solutions.

You can send and read end-to-end encrypted email in minutes, including attachments, with HIPAA-compliant ZSentry. Also works for secure webmail and secure SMS (texting).

For sending/reading encrypted email and SMS using the Web, you need only step 1 below. To use your Mail client (as easy to use as regular email), follow through step 3.

1. Signup and/or Login using ZSentry App »
2. In your ZSentry account screen, click "Dashboard > Personalize > Save".
3. A [ZMAIL INFO] email will be sent to your Inbox, with your setup instructions.

This works without installation or plugins. Your recipients can read and reply securely, and securely download attachments, without added cost. Works directly with phones for secure SMS. More information »

ZSentry works with whatever you have, as follows:

- How To Decrypt, Read, Reply, and Save: You receive the secure message in your regular Inbox, encrypted. Follow the message instructions. Usually, just touch a secure link. For added security, to make sure that the link is exactly what you see, you can copy the link and paste it in the location bar of your web browser. Also decrypts and loads attachments.

- How To Encrypt and Send: With ZSentry Client (*), your use your own Mail client to compose the email and load attachments, then you select the secure account (ZSentry) in your device, and touch Send. With ZSentry App(*), you use a Web browser to compose the email and load attachments, then touch "Encrypt & Send". In either case, that's all! The email will be encrypted and sent according to your account's ZSentry Dashboard settings, which you can personalize. Some devices may require setup.

(*)You use ZSentry App just with your Web browser. You use ZSentry Client with a Mail client (Outlook, iPhone, Android) or a Cloud client (Gmail, Google Apps, Zoho, FastMail).

Read more: New User Help»

Yes. ZSentry provides a range of sender-defined choices for sending secure email, SMS, data storage, and other uses. The choices include Expiration Time (Self-Destruct), Return Receipt, Secure Vault, Mandatory Recipient Registration, and Mandatory Login. These are some of the different ways ZSentry can secure the message that you send or store:

1. Default:  ZSentry is provided with a default HIPAA-compliant configuration that improves usability. The configuration is auditable, with access control by means of automatic mailbox and device authentication, login monitoring, and expiration control. It enables secure first-contact and reply (Secure Quick Reply) with verified recipient online identity, without requiring the recipient to register.  To enable Secure Quick Reply, the expiration is set by default to 15 days (and should not be more than 31 days). One common addition to this Default configuration is to add Secure Vault and Return Receipt (see below).
2. Personalized: Users can personalize how ZSentry sends secure email and what is required from recipients. The choices are HIPAA-compliant with configuration options for access control, including mandatory recipient registration and (if desired) mandatory login, document control, delivery and tracking. After you personalize ZSentry you can save your configuration as the new Default (see below).

The Personalized choices are verified and set using the ZSentry Dashboard. Users' configuration profiles (Dashboard) are individually encrypted. To access the Dashboard, login using ZSentry App»  (bookmark the link for easy access) and look for the Dashboard / Delivery control at the bottom. When you are done, make sure you click Dashboard / Personalize to make it the active for the ZSentry Client and become the new default for ZSentry App.

For example, you can activate:

• Secure Vault: sends back to you a non-expiring copy of your message, protected as a secure email with mandatory login (check the Bcc Me box in the To/Cc bar); and
  
  
• Return Receipt: before your secure email is delivered, sends back to you an email with information on Who, Where, When, What and How it will be read (check the Return Receipt box in Dashboard > Tracking).
  

These choices are explained in the Dashboard section». To enable Secure Quick Reply, the default expiration is set to 15 days (and should not be more than 31 days).

See also ZSentry for Google Apps How-To»

Yes. Our customers can use (at no added cost) the ZSentry API» to fully automate the encryption of form responses back to them, as a HIPAA compliant secure email. We offer template codes and instructions (also at no added cost) for this use, and it should be easy for a website developer to integrate with your website.

Yes. With no user training, ZSentry enables foolproof end-to-end encryption, regulatory compliance and mobility with and no changes:

1. Foolproof
   Until now, humans have been the weakest link in IT security. ZSentry is designed to avoid common problems caused by human error or misuse. Organizations can use ZSentry for secure communication with no concern that users will have password, technology, or device issues in any platform.
2. End-to-end Encryption & Regulatory Compliance
   With ZSentry, your data is protected by end-to-end encryption, onsite, online, and at rest. The user and not ZSentry or your provider holds the keys. No storage of your Usercode, Password, or keys anywhere, not even encrypted or hashed. Get peace of mind for email, webmail, SMS, web forms, file storage, cloud service and more in the desktop, tablet, and phone. ZSentry is U.S. certified as a Health IT HIPAA compliant Product under ARRA and EHR, and complies with other regulations including HITECH Safe Harbor, GLBA, FERPA, and U.S. State Security Breach Notification Laws. Includes FREE HIPAA-Compliant Patient-to-Physician Email.
3. and Anyway Mobility
   Unified communication, beyond mobile devices. With ZSentry, there is no more guesswork how to contact people. Send one message and connect securely to employees and customers anywhere, anyway, anytime, in the desktop, tablet, and phone. What users see is automatically matched to access level, experience, and device capability.
4. with No Changes.
   No plugin or installation. Already seamlessly integrated in leading IT solutions that users and organizations have and know how to use, with no work for you or them. You can continue to use your current IT solutions, including devices, email provider, email address and Inbox. Your email is not received by or routed through ZSentry.

The best practice, if your user interface is a Mail Client such as Outlook or phone, is to directly use the ZSentry SMTP settings to send secure email and the cloud service SMTP settings (eg, Google Apps, Office 365, Yahoo, Zoho) to send regular email. The Inbox is the same email address for both uses. Click Mail Client setup»

Second alternative is to use only a Web browser as the user interface, and then use the ZSentry SMTP settings to send secure email as an external server/From in the cloud service (eg, Gmail, Google Apps, Zoho) itself. Click Cloud Client setup»

Third alternative is to use only a Web browser and ZSentry App» (no setup)

Other choices are presented in Use Options»

Your secure message will be sent encrypted to the recipient's email address and will be received as usual. The recipient can click the link (or copy-and-paste) to open it in a secure browser window (no setup) or in a Mail Client (may need setup). The recipient will be authenticated as you (the sender) requested, and can read, reply and save the message as well as any attachments.

To reply, the recipient can click the button  Secure Quick Reply 

That's all! In both cases, the service is provided securely but without burdening the recipient with anything more than a mouse click.

Just like with regular email, there is no password to send to the recipient, no signup, cost, installation, setup, or extra work demands. Recipients can use any desktop, tablet or phone. To see for yourself, click FREE Trial >>

When you use ZSentry, your email stands out and recipients can read it with the effort of a single mouse click, without setup and even without registration (if you allow it). They can also reply securely to you, without cost and setup.

With regular email, Inbox clutter and spam overload are often making people not even open your emails, or be afraid to reply.

To further help overcome first-contact hesitation and confusion, and prevent phishing, ZSentry enables senders to add an interpersonal touch. We created a Znote space, which is a custom plaintext note from the sender, visible without decryption, in the email envelope. The Znote is visible in the email summary that, for example, Gmail provides before reading the actual email.

And, of course, you can write the Znote in the language of the recipient! This is useful to enhance the interpersonal context and help flag spam.

In addition, the Znote is also searchable, so that you can easily add externally-visible keywords to your secure message.

Through ZSentry authentication, people will know that your email is not spam, is actually from you and not something to be suspicious about, such as a phishing attack. ZSentry provides Free Reply choices so that a customer, patient or just website visitors can also send you a Zmail — and you can verify that it is safe to open before you actually do it.

And you can easily verify that your Zmail was read, with a Return Receipt providing full "When, Where, Who, What, How" information. You can control how your information is used, delivered and tracked, by using Expiration Time (self-destruct) and other ZSentry controls.

No. It can be more secure if both do, but it works with just the sender using the service. This means that ZSentry is less intrusive on the receiving party than requiring keys, passwords, software installation, or even a setup. This is very useful when you do not want to bother the receiving party, as in a first contact. You can request a Return Receipt upon reading, and also set the email to self-destruct, to track and protect your information. For more, read How to Use Zmail

Nothing is routed thorough ZSentry when you receive secure email, and the email is received in your regular Inbox. When you send secure email, there are two cases, controlled by the sender:

1. Automatic: (higher usability, requires expiration less or equal to 31 days) The message is encrypted per-recipient and split in three parts. One part is sent to the recipient and the other two parts are controlled and stored in the ZSentry servers. All three parts are needed for reading. The result is that even if an attacker has full access to all the servers, and knows the recipient's Usercode / Password, the ZSentry message still cannot be decrypted.
2. Inline or Attached: the ZSentry message is fully sent encrypted to the recipient, and there's no part with ZSentry.

Yes. ZSentry is certified by the U.S. Government to provide a HIPAA-compliant EMR (Electronic Medical Records) solution (CHPL Product Number: IG-2482-11-0040), including encryption when exchanging electronic health information (§170.302.v) and providing an electronic copy of health information (§170.304.f).

ZSentry is also U.S. government certified to satisfy HIPAA requirements in U.S. Federal incentive payment programs with Medicare (up to $44,000) and Medicaid (up to $63,750), where ZSentry works with partners providing qualified solutions for meaningful use of certified EMR. ZSentry can also be used with the U.S. Federal incentive program for Eligible Professionals (EP) who are successful electronic prescribers. The bonus is 2% of the Medicare allowed charges for the year.

Regarding HIPAA and other regulatory requirements, such as FERPA and U.S. state privacy laws, the levels and extent limits of ZSentry compliance are specified in the ZSentry Compliance Statement» including safeguarding protected health information (PHI), privacy, security, and integrity.

In summary, ZSentry provides compliance on a technical level, under HIPAA, HITECH Safe Harbor, and other rules as well, without requiring users to sign a Business Associate Agreement (although a BAA can be signed if desired).

Rather than everyone paying a higher price with the BAA, the ZSentry technology allows us to provide a HIPAA compliant service without the formalities of a BAA and with reduced price, while still offering the BAA to those who want it.

In these applications, ZSentry provides per-message encryption, de-identification, two-factor authentication, control, data loss protection, secure archive and auditing, protecting information in transit and at rest. ZSentry HIPAA conformance can also be verified by you or anyone else. It's quite straightforward and we are also at your disposal for any questions. Read more

There are well-known and recognized standards for encryption of email, including ITU-T and IETF X.509/PKI with S/MIME, and PGP with or without PGP/MIME encoding. ZSentry was developed after these standards and improves upon them in both usability and security . ZSentry provides per-message encryption, de-identification, two-factor authentication, data loss protection, secure archive, message control, and auditing, protecting information in transit and at rest. ZSentry reduces the trust and control requirements in several critical areas, making it easier to attain and demonstrate a higher level of security while increasing usability, for example:

1. Physical Safeguards: ZSentry enforces per-message, end-to-end encryption for every message, so that data is always protected in transit and at rest. Additionally, ZSentry eliminates (rather than just protects) attack targets, which technology we call Sans Target.
   
   The ZSentry Sans Target technology helps allay staff concerns and reduces risk for everyone, including in the cloud and at the client's end. For example, ZSentry does not store your keys, Password and Usercode anywhere, not even encrypted. As another example, if you use the default ZSentry Automatic Skin, a part of your encrypted message may be stored online but the stored part is Sans Target and does not by itself allow the message to be decrypted.
   
   Access to hardware and software is limited to properly authorized individuals. All hardware is located in the US, and customers can also use ZSentry Director to host and physically control their own ZSentry hardware.
   
   
2. Technical Safeguards: ZSentry uses adaptive security, which can reduce and even eliminate the probability of common attack vectors, and also reduce reliance on the actions of users, or other agents. ZSentry adds password hardening with two-factor authentication to protect your ZSentry Password from someone trying to guess it (see next FAQ item).
   
   To reduce exposure, senders can set an expiration period for their ZSentry message to physically self-destruct. This safeguard includes a forensic control perimeter with an effective combination of technical and legal protection in three areas: infringement of copyright, breach of contract, and circumvention of a technological protection measure, to help prevent and control leaks.
   
   To assure secure, server-certified and CRL-verifiable PKI exchange with third-party servers, both the SSL SMTP and SSL HTTP certificates for zsentry.com are issued by leading Certification Authorities, including Thawte Premium Server CA, and support High-grade Encryption (AES-256 256 bit).
   
   SSL bridge and re-direction attacks are prevented by protocol and also by enforcing an SSL connection for any link which sources protected data (e.g. page or message) or contains links to protected information or for protected information entry, even if the link was initially presented as http:// — i.e., without an SSL request (for example, to allow proper operation with some Mail clients). To allay spoofing concerns, our trademarked name ZSENTRY (used in zsentry.com) was crafted to visually prevent letter or number confusions that could lead users to a false site, such as between the number 1 and the letter l in app1esauce vs. applesauce.
   
   
3. Administrative Safeguards: ZSentry operates within the Safe Harbor provision that is legally enabled by privacy rules such as U.S. State Security Breach Notification Laws, HIPAA and HITECH. With ZSentry there are no fines, no loss of reputation, and no liability to notify users in the breach notice context, as no user identity and data can be compromised (Sans Target, see item #1).
   
   This also makes it simpler to demonstrate compliance levels and extent limits regarding HIPAA and HITECH Safe Harbor, with the important benefit that customers are not required to sign a HIPAA Business Associate Agreement (however, ZSentry can sign a BAA if desired). The same beneficial considerations apply to the Federal Financial Institutions Examination Council (FFIEC), the International Standards Organization (ISO) 17799 norm, and other regulations.
   
   
4. External Safeguards: ZSentry technology was first qualified by the Swedish Government's Ministry of Justice Statskontoret in 2001. ZSentry and secure email ZSentry Mail have been extensively peer reviewed, with continuous use online for secure email since 2004, including millions of secure messages sent and received across many different platforms and thousands of organizations worldwide. All procedures use standard and well-known cryptography functions, with a choice of ZSentry encoding (ZS), PKI or PGP.

Only ZSentry has this comprehensive technology. Because only you have your keys, and it would take a staggeringly long time to have a good chance of guessing them, only you can, for example, access your encrypted email address book and decrypt a Zmail sent to you (see next FAQ item). Read more: ZSentry Compliance Statement

ZSentry has three properties that distinguish it from other security technologies using passwords:

1. Sans Target: Only you have your ZSentry Usercode and Password, they are not stored by us, and we do not know them. There are no password or usercode files that could be targeted anywhere. We call this unique property "Sans Target", and is used by ZSentry also to protect your user-keys and user files. The only attack possible is guessing by trial-and-error, which is made harder by properties #2 and #3 below.
2. Password Hardening With Two-Factor Authentication: ZSentry is not as dependent on password quality for security, as conventional systems are. ZSentry uses password hardening with two-factor authentication to help protect your ZSentry Usercode and Password from someone (even our staff) trying to guess them. You can also use ANSI codes from #32 to #255 (keyboard ALT-number), enabling more than 132 bits of entropy with just 13 ZSentry Password characters (and the Usercode).
3. Asymmetry: Because computers work quickly and can network in parallel, security can also be broken very quickly, for example using dictionary attacks to break passwords. Unlike other technologies, while ZSentry prevents too many unsuccessful attempts at access, it does not need to rely on such prevention (which can be bypassed, technically and socially). Instead, ZSentry introduces a critical asymmetry. Although ZSentry authentication is very quick, trial-and-error guessing would take a prohibitively longer time than with a conventional username/password system even if a user would choose a lame password (found in password dictionaries).

To put these points into perspective, if a dictionary attack would take just one millisecond (1/1,000 of a second) to break a conventional system, the same attack for the same password could require more than two million years to break the ZSentry system. Read more

ZSentry makes it much harder to fool people, sending or receiving email. Received messages can be verified to be authentic, by ZSentry and also independently. For sending, ZSentry Client is spoof-free and provides hands-free Single-Sign-On and Mail after setup. The web service includes spoof prevention. In all cases, the ZSentry Usercode and Password are not online, so users cannot be impersonated even if there is a server breach.

The HIPAA HITECH rules, as well as breach notification laws in more than 45 U.S. states and other countries, provide "safe harbors" for encrypted information. According to HIPAA rules, encryption of protected health information (PHI) data at rest and in motion provides a safe harbor that protects organizations from the costs and losses associated with data breach notifications, and fines that can range from $10,000 to $1.5 million per violation.

ZSentry provides Safe Harbor compliance with HIPAA HITECH and other rules, with no fines and no liability in the breach notice context, as no user identity and data can be compromised. Furthermore, ZSentry provides compliance with or without a Business Associate Agreement. Read more

Conventionally, you cannot. Sending an email necessarily entails copying the message to other systems, which you may not have access to or even know of, potentially archiving the email forever. Senders and recipients may delete email files but, often, files can be easily undeleted or copied from a back-up. Senders and recipients may also get a screenshot of the email and save it. The result is undesired email retention, and an open risk for disclosure.

ZSentry Self-Destruct solves the various facets of this problem. You can actually eliminate the disclosure risk of email, webmail, SMS, IM, and file storage by setting it to self-destruct after the time you want, for example 30 days or even one hour. Read more

The ZSentry differential is not just about encryption, as that needs to follow well-known standards such as AES, but about many points missing in other products and that are even more critical than encryption for privacy and security.

With ZSentry, your data is protected by end-to-end encryption, onsite, online, and at rest. The user and not ZSentry or your provider holds the keys.

ZSentry provides IT with assurance that only trusted users are accessing confidential communications and services, and that their devices comply with established policies even with no setup. ZSentry can be easily personalized and centralized settings are available. Users' configuration profiles (Dashboard) are individually encrypted and can be locked by IT so that settings cannot be changed.

The ZSentry advantage further includes:

Design: simpler and complements rather than replaces existing solutions, operating Sans Target and providing an "all-in-one" seamless approach for anyway mobility.

No Plugins, Already Works: provides SSL/HTTP and SSL/SMTP service interfaces with no installation or plugins for all leading, familiar solutions including Google Apps, Outlook, Android, iPhone, iPad, and Exchange Server.

Foolproof: avoids common problems caused by human error or misuse, while providing two-factor authentication, multi-channel identification, anti-spoofing, end-to-end encryption, data loss protection, secure archive, secure first-contact and quick reply options with no recipient signup required, document life-cycle management with self-destruct, control, delivery and tracking options, automatic key management, and private-key protection.

Sans Target: the ZSentry technology eliminates (rather than just protects) common attack targets. This helps allay staff concerns and reduces risk for everyone, including in the cloud and at the client's end. For example, ZSentry does not store your keys, Password and Usercode anywhere, not even encrypted. As another example, if you use the default ZSentry Automatic Skin, a part of your encrypted message may be stored online but the stored part is Sans Target and does not by itself allow the message to be decrypted.

The choice is yours. ZSentry works cross-platform, as a middleware in-between the end-points, so that there are no changes for anyone while everyone gets more value from what they have. ZSentry functionality is already included in cloud-based, on-premise, and mobile solutions, which can now become regulatory compliant with anyway mobility, as well integrated and improved in new ways.

For example, use with any or all of Android (Samsung, HTC, Motorola), Apple (including Mac, iPhone, iPod, Mail, iPad, iCloud, Safari), BlackBerry (RIM devices, Mobile Fusion), Google (Apps, Gmail, Chrome), Linux (including Apache, Postfix, Dovecot), Microsoft (Windows, Phone 7, Outlook, Outlook Express, Live, Windows Mail, Office, Office 365, Exchange, Internet Explorer), Mozilla (Thunderbird, Firefox), Nokia (S60, Lumia), Yahoo, and other products, for secure mail, webmail, SMS, IM, web forms, Single-Sign-On, file storage, and other applications.

This question fits in our larger theme, where ZSentry is used to improve applications and user devices in many areas, in addition to adding end-to-end encryption and HIPAA compliance.

Sharing information is a key benefit of using email, SMS, and Google Apps, for example, but can also be a big problem as we all know. In particular, organizations and individuals want to prevent undesired information sharing and disclosure.

Google Apps itself and other tools in the marketplace offer some solutions to this problem, whereby sharing of documents outside the domain can be restricted, or sending email outside the domain may be prohibited.

These solutions, to use technical terms, are discretionary rather than mandatory. When using email or a cloud service for example, a "restriction" provides no assurance that the information is not being shared in an unintended way. Mandatory control requires encryption, which is effective with the caveat that the customer must control the keys (not the service or cloud provider).

ZSentry provides this higher-level of assurance. With ZSentry, user data is protected by end-to-end encryption, onsite, online, and at rest, where the user and not ZSentry or the provider holds the keys.

ZSentry can then be used effectively to control information sharing when using email, Google Apps or other application, and also add tracking and use data.

This can be useful (for example) with student accounts provided by an educational organization, even if the organization is not interested in encryption or HIPAA. That's because the organization may benefit by ZSentry's higher-level of assurance in protecting information sharing, as well as providing tracking and use data.

ZSentry has been noted for this application, often as the only solution mentioned to better protect information sharing with Gmail and Google Apps for example.

Yes, in desktop and mobile devices, with no setup. Your recipient (even if not a ZSentry user) can use the FREE Secure Read & Reply»

Yes and, as chosen by you, your ZSentry SMS can also Self-Destruct (Expire), send back a Return Receipt upon delivery, authenticate the recipient, and provide you with a Secure Vault copy. The specific instructions for SMS (texting) are at ZSentry SMS»

Reply: ZSentry also lets you reply securely by SMS or email. Instead of texting back, and be limited by SMS, your recipient (even if not a ZSentry user) can then use FREE Secure Read & Reply»

Yes. The specific instructions for secure fax are at ZSentry Fax»

Reply: ZSentry lets you get out of fax use and reply securely for example by email or SMS (text). And you can also set your reply to Self-Destruct (Expire), send back a Return Receipt upon delivery, authenticate the recipient, and provide you with a Secure Vault copy. Instead of sending another fax, your recipient can then use FREE Secure Read & Reply»

Yes. The specific instructions for secure voicemail are at ZSentry Voicemail»

Reply: ZSentry lets you get out of phone use and reply securely for example by email or SMS (text). And you can also set your reply to Self-Destruct (Expire), send back a Return Receipt upon delivery, authenticate the recipient, and provide you with a Secure Vault copy. Instead of calling or leaving another voicemail, your recipient can then use FREE Secure Read & Reply»

First, privacy and security. And new functions such as Self-Destruct and Secure Vault, allowing users to do more while keeping costs down. ZSentry also provides seamless integration and more reliability for cloud, desktop, mobile, and web solutions, allowing users to greatly benefit from their integration.

With ZSentry could users can, for example, keep a plaintext copy of their sent emails in local files only, for privacy. They can also mashup with desktop data/services, including Outlook and Excel, which are much easier for corporate setup and dealing with moderate to high mail volume, incoming or outgoing.

ZSentry enables users to securely integrate data from different applications and different sources on the desktop in ways that people can't do so well yet with just cloud solutions, such as in sending secure personalized messages merging each recipient's name and records.

Using ZSentry, this can all be integrated with cloud systems such as Google Apps, Gmail, Office 365, and Yahoo, offering redundancy, higher availability, easy access from anywhere, much lower cost (even free), 24/7 maintenance, and other benefits.

In the current Apple iOS version, iPad and iPhone devices store in keyboard cache files whatever the user types. However, Apple says that the iOS keyboard cache does not store data entered into a password field. All ZSentry services, including ZSentry Mobile and ZSentry App, use password fields to request both the user's ZSentry Usercode and Password, and should not have the user access credentials stored by the iOS.

Typing a secure email using iPad, iPhone, or any another device that has a keyboard cache file, can create a local plaintext copy of the message, even if the application does not store a plaintext copy (in a Sent folder, for example). If those are concerns in your case, we have solutions that may fit your needs; please submit a Support Ticket

ZSentry can help in many ways, even not requiring phone preset.

For example, You can safely keep ZSentry Secure Vault messages in your phone, tablet or any device, where every message is individually encrypted and requires your ZSentry two-factor authentication to read.

ZSentry will also self-destruct any messages using device authentication that expire, reducing everyone's window of exposure. When you use Secure Quick Reply, no copy is left in your device. When the message uses ZSentry Return Receipt, it automatically sends a notice to the sender with Who, Where, When, What and How information from the device upon reading the message.

With preset, ZSentry is compatible with third-party solutions to provide online access to self-service smartphone security functions, which let users reset a device password, lock a device remotely or wipe data from a device if it is lost or stolen. For more information, please submit a Support Ticket

ZSentry is a complement to Microsoft, Google, and other platforms, so that your ZSentry setup can use any or all of them, with redundancy and diversity, and change the mix at any time.

This allows you to easily "route around" and overcome a failure affecting a system or its network. For example, you can use a cell phone to send and receive secure email if your office Internet line is down.

With ZSentry you do not have to choose between desktop, cloud, web, and mobile setups. Read more

From the end user's point of view, after setup, ZSentry Single-Sign-On (SSO) is invisible, just as with an installable Google App. The user is logged in to Google Apps, going about a task, and then decides to send a secure email. The user clicks Compose and sees a drop-down list for the 'From' address. The user selects the 'From' address that uses ZSentry, writes the email, then clicks Send. That's all! The email is sent encrypted, securely, with all the ZSentry options. The SSO operation occurs behind the scenes, in-between clicking Send and the email being actually sent. If the user notices anything, it will be the absence of an intermediate login step.

Behind the scenes, when you click Send in Google Apps, your email is protected by ZSentry using encryption and authentication before transmission (by Google-ZSentry server-to-server authenticated SSL/SMTP), and will be delivered encrypted per-message, end-to-end (by ZSentry). You receive ZSentry secure email at your own Inbox (in Gmail, Google Apps, or in a Mail Client using your Google account), can read & reply securely, and avoid online breach notification liability.

How this works internally at ZSentry? There are well-known and recognized standards for encryption of email, including ITU-T and IETF X.509/PKI with S/MIME, and PGP with or without PGP/MIME encoding. ZSentry was developed after these standards and improves upon them in both usability and security. ZSentry reduces the requirements in four critical areas, as mentioned in this FAQ (see item "Why is ZSentry secure?").

Thus, from the technical viewpoint, standard encryption technology with the unique ZSentry Sans Target method keeps email safe and HITECH Safe Harbor compliant, sending data between parties as regular email without pre-arranged passwords. Even Google can't read or scan it. It doesn't require installation of any software, which promotes usability, and it even adds functionality such as self-destruct, with message level access control. It's also free for patients and personal use. Price starts at $4.99.

This answer is not specific to Gmail and applies also if you send a ZSentry mail to user@yahoo.com or any other address.

They receive ZSentry secure email at their own Inbox (in Gmail, Google Apps, Yahoo, or in a Mail Client). Both you, the sender, and the recipient can choose how they can read it, within your different roles. Suppose the sender chooses 'Automatic Skin', which is the default. The recipient gets a link to see an encrypted copy in the browser, and may also get a link to read the email directly in a Mail client (including Outlook, Apple Mail), where in both cases the recipient can reply securely with the From address that uses ZSentry. Alternatively, the sender can choose a different Skin and send the whole message encrypted, not just a link.

How does Gmail or Yahoo know how to decrypt the message? The link in Gmail or Yahoo connects in SSL to zsentry.com where the request is processed according to the sender's delivery request: for example, recipient must login. Or, recipient's mailbox must be authenticated. In each case, the sender may allow reading only until expiration (self-destructing afterward), request a return receipt with Who, Where, When, What, How information, and request other options such as to send back a secure archive copy that does not expire.

No. ZSentry does not use Postini, Google Message Encryption, any other add-on, or plugin.

ZSentry makes it simpler and safer for customers, because ZSentry is HIPAA-compliant with or without a HIPAA Business Associate Agreement (see this FAQ), and is also HITECH Safe Harbor compliant.

Even if your current encryption solution is HIPAA compliant, if it is not also HITECH Safe Harbor compliant then your organization is still subject to large fines, breach notification duties, loss of reputation, and can be sued by users in case of a breach.

Furthermore, beware of security solutions that use passwords for security, which is neither usable for the recipient nor secure. ZSentry uses two-factor, strong authentication, without passwords (even though, for familiarity, the second-factor is called ZSentry Password).

ZSentry is already integrated with Google Single-Sign-On and Mail in Web browsers, Mail clients, and ZSentry App. The ZSentry for Google solution provides end-to-end security and usability, with no required Business Associate Agreement to sign, and eliminates (rather than just reduces) breach notification duties, operating in the Safe Harbor condition.

Yes. Google Apps, Gmail, MS Office 365 or any email you use, can be HIPAA compliant using ZSentry. There are no add-on, plugins, or changes to the user interface.

For example, ZSentry encrypts all data stored and transmitted via Google Apps, per message and such that Google administrators or anyone breaking into your Google account would never be able to read the PHI. This means HIPAA/HITECH Safe Harbor compliance. You can use Google Apps and Gmail also through Outlook, or use ZSentry directly with Outlook. And patients can use Gmail + ZSentry without cost to send and receive PHI, using Free Reply choices that you can easily provide to them.

However, the answer without using ZSentry is "No". Microsoft does not declare that Office 365 is HIPAA compliant. Google does not certify or identify Gmail or Google Apps as being compliant with HIPAA, while the Postini add-on (optional paid service for Google Apps) offers password-based encryption.

HIPAA requires that all associated service providers who will hold or retain protected health information (PHI) sign a business associate agreement. This means Google Apps, Gmail, and MS Office 365 would need to incorporate a business associate agreement into their service standard terms. However, even with that and add-ons, Google Apps, Gmail, and MS Office 365 are not in the HIPAA/HITECH Safe Harbor. Therefore, medical services providers should not transmit PHI via, or store PHI in, Google Apps, Gmail or MS Office 365 without using ZSentry.

Please go to ZSentry for Google How-To»

Please go to ZSentry How-To»

ZSentry works in both environments. For example, you can set an Android phone to use Office 365 through Exchange to receive all email and send regular email, while the ZSentry account sends all secure email (and receives no email).

With ZSentry App, ZSentry always sends encrypted. With ZSentry Client, the behavior depends on the Mail client.

For example, Outlook can lock sending to be done by ZSentry as default, as exclusive option, as defined by the user, or as defined by policy (as a function if Subject or recipient, for example). Exchange Server can do the same, but centralized. Google Apps can also be set to send securely by default, or as selected by the user.

Because that's how it has ever been, for more than a generation. Before ZSentry, people thought that secure email was one of those things that you can't really explain to people. It was seen as something that senders and recipients had to see in action, something that they both had to experience.

That has all been solved with the launch of ZSentry, which improves, secures, and aggregates user's services on the desktop, phone, and web browser. Without any service or device changes, ZSentry users can do more — they can send, store, and read secure, HIPAA compliant data on multiple platforms, all at once. User services include email, webmail, SMS, IM, file storage, and single-sign-on. ZSentry works with leading solutions including Google Apps, Outlook, and iPad.

You already know how to use ZSentry, all you need to do is one mouse click.There is NO download, NO installation process, NO plugins, NO digital certificates to buy or send, NO changes at all in your system. Zmail ends the encryption / decryption hassle that for more than 15 years has prevented the widespread use of email encryption.

Encrypt with 1-click. You send encrypted Zmail using your own desktop Mail client such as Outlook and Apple Mail, a Cloud app such as Google Apps and Gmail for any email address including Yahoo and Hotmail, or the Zmail app using only your web browser. Easy to send, even on first contact.

Decrypt with 1-click. You receive zmail as a regular email message at your current email address at your desktop, webmail, or mobile device, using your current software and service, including Outlook, Mac Mail, Thunderbird, or web mail services such as Gmail, AOL, and Yahoo.

Zmail is easy to read. This makes it also easy for you to decide sending a secure email, because you know that any recipient can read it securely, without cost or installation, and (if you allow it) even without login or registration. You can send a secure email on first contact, to anyone.

In summary, senders and recipients can easily use ZSentry to improve, secure, and aggregate their current services, without any changes in the user interfaces. ZSentry works with leading solutions including Google Apps, Outlook, Android, iPhone, and iPad. Protected services include email, webmail, SMS, IM, file storage, and single-sign-on. Improvements include complementary ZSentry functions for document control, delivery, tracking, and auditing, such as Self-Destruct, Return Receipt, Secure Vault, Secure SMS, and Certified Delivery.

As you use ZSentry, you can improve business flow and mitigate the regulatory burden facing your organization.

People are concerned about someone leaking confidential messages, password and keys. People also know that, in spite of best efforts, an online server can be attacked and information copied, in a service provider or even in their own secure server. Organizations also have a legal obligation to prevent privacy breaches, and not just for medical records (HIPAA).

There are other reasons, as well. For example, did you ever need to call to see if your email arrived? Do you think that someone could falsely claim that they did not receive your email, say that they sent it at an earlier time, or say that they received it later than they actually did? Are you concerned about email phishing and identity theft?

Today, those problems are recognized as major sources of fraud losses and concern, posing significant challenges to anyone from individuals to large corporations. Those problems are solved by ZSentry Mail. For more, read Encrypt & Self-destruct

ZSentry has several modules. For example the Mail module, which is used to provide ZSentry Mail (Zmail) services.

Organizations can use Zmail to protect their business information and also to protect their customers from phishing emails; health care organizations and professionals can use Zmail to protect the confidentiality of private and health information in their email exchange; associations can use Zmail to send secure ballots for their members to vote securely without paying postal mail; law firms can send electronic and scanned documents with Zmail to cut down on FedEx costs and time. To track if their email was actually opened, when, where, and how, Zmail users can easily request a return receipt as a condition for the recipient to decrypt their message. Zmail messages can be further controlled, with release date, expiration date, unforgeable digital signature, and other features.

Varied business processes, from lead generation to online sales and requesting payment, can be done securely in 1-click using your existing email solution or web browser, with no plugin or download, and without requiring new investments, by means of "instant-on" ZModules such as, for example, Secure Mail, Secure Forms, and Secure Vault.

No. ZSentry works using technologies already built into your Web browser and Mail client software, on Windows, Mac OSX, or Linux.

ZSentry is compatible with Outlook, Thunderbird, Mac Mail, Eudora, Gmail, Yahoo, AOL, Firefox, Internet Explorer, Safari. There is NO download, NO certificates to install, NO pre-enrollment of recipients, NO password exchange with your recipients.

With nothing to download or learn by your recipients, you can use ZSentry right now to control and protect your email address, your identity online, emails and attachments.

ZSentry does not change, store or setup anything in your computer or phone.

If you update an app in your phone that uses ZSentry, the setup for ZSentry should be automatically transferred when you update the app. For example, if you use ZSentry for Gmail in your phone, or if you use ZSentry App. Otherwise, you may need to setup the app. There is no download or installation in any case. After the device or app update, just please test and everything should work fine.

Short answer: No. More details below.

A mail exchanger record (MX record) is a type of record in the Domain Name System (DNS) that specifies a mail server responsible for accepting email messages on behalf of your domain. ZSentry does not receive email for your domain. Therefore, there is no change to your domain's MX record.

A Sender Policy Framework (SPF) record is a type of record in the DNS that identifies which mail servers are permitted to send email on behalf of your domain.

ZSentry sends secure email on behalf of your domain. If your domain does not have a SPF record, or the SPF record does not identify the ZSentry mail servers, then your email should receive a "neutral" classification in terms of spam (neither permitted nor denied). The intended result in terms of the SPF specification should be "accept". Therefore, there should be no need to change your domain's SPF record.

However, if desired, you can change your domain's SPF record by adding the following mechanism:

include: zsentry.com

which will include the ZSentry mail servers that can send secure email on behalf of your domain.

ZSentry provides initial and ongoing support. The customer can use a ZSentry Certified Partner to also provide local and online support & setup services for the organization, and help assure regulatory compliance.

The roll-out process is usually done in two or more phases:

1. Managers: The customer chooses one or two ZSentry Account Managers (ZAM), then their accounts are setup and verified by ZSentry or a partner.
2. Users:The ZAM provides local support or helps users set up the other accounts, with ZSentry or partner support.
3. Waves: The user roll-out can be done in "waves", so that the roll-out load does not become too high for the organization.

Support includes a detailed Support Center, 24/7 self-management tools including password reset and recovery, Support Ticket submission, and phone support. The support interface is integrated with ZSentry App

The answer depends on sender choices. If the sender used the Automatic Skin (default), after you click to read and your identity is authenticated (as chosen by the sender), then click "Original". The encrypted message will be shown to you, as it was sent. If the sender used the ZSENTRY Skin (set in the ZSentry Dashboard or Task Code), you will see the encrypted message directly in your Inbox and will then decrypt it through ZSentry App (requires login).

For example, a typical encrypted message would look as follows:

For organizations, ZSentry brings U.S. certified HIPAA, ARRA, HITECH Safe Harbor, and regulatory compliance with no changes, albeit with more capability and improved services for employees and users.

For individual accounts, for example an independent physician or an investment manager, ZSentry brings the same benefits without requiring external IT support.

For users, it is free and hassle-free to read, store, and reply securely. With no pre-arranged passwords, changes, setup, signup, or added cost, ZSentry broadly improves the utility, security, mobility, and usability of end-user devices for desktop and phones in any OS.

ZSentry fits in-between what organizations and users already have, and lets everyone get more value from what they have. For example, you can send secure email and SMS (texting) messages using your desktop, cloud service, or phone, automatically secured with no concern that recipients will have password, technology, or device issues in any platform, while ensuring HIPAA and regulatory protection to send, read, store and reply.

ZSentry connects productivity apps and services across every platform.

• Supported Services: (may need setup) email, webmail, web forms, SMS (texting), voicemail, calendar, IM, file storage, and more.
• Added Utility: includes secure vault, delivery confirmation, digital signature, notarization, message life-cycle control, single-sign-on, unified communications, and more.
• No Changes: For example, you receive secure email at your usual Inbox, with nothing routed thorough ZSentry, for an email address that you already have. You use your current software, ISP or webmail provider. ZSentry does not receive email and does not host email addresses for users. There is nothing to download or install, no plugins or add-ons.
• Standard Interfaces: ZSentry uses HTTPS at port 443 and/or SSL/SMTP at port 465 (safer, faster). ZSentry can be used in clients, in the cloud, servers, and chips. ZSentry is already seamlessly integrated with leading IT solutions such as Gmail, Google Apps, Outlook, Android, iPhone, iPad, Exchange server, and Postfix. ZSentry is based on things that people already understand.
• End-to-end Encryption & Compliance: ZSentry Sans Target technology enables instant-on regulatory compliance where your data is protected by end-to-end encryption, onsite, online, and at rest. The user and not ZSentry or your provider holds the keys. Enable HIPAA and HITECH Safe Harbor compliance with or without a Business Associate Agreement.
• Foolproof: Organizations can use ZSentry for secure communication with no concern that users will have password, technology, or device issues in any platform. In case of need, ZSentry includes a 24/7 auditing and self-management system, with remote file access monitoring and password reset.
• Usability & Mobility: ZSentry provides safe encrypt and decrypt with 1-click, secure first-contact and reply without registration, two-factor authentication, anti-spoofing, per-message encryption, return receipt, self-destruct, data loss protection, secure archive and other document-control functionality, in desktop, cloud and mobile platforms.

NMA ZSentry Premium adds regulatory compliance, including HIPAA & HITECH Safe Harbor, mobility, functionality and usability, without changing your current solutions and providers. You can send securely to anyone with an email address, and receive their secure reply on first contact without requiring registration. ZSentry Premium may also be branded and customized. Read more

This is a ZSentry service offered by senders to recipients, providing Free Reply choices. All choices enable free, secure, first-contact messages and reply. Price: No cost.

There is no catch: we offer Free Reply choices to allow the recipients of paid ZSentry Premium messages to read and reply to them without cost, just like postal mail with a SASE (self-addressed, self-stamped envelope), but with higher security.

This service is offered using the ZSentry Basic terms of service, enabling cost-free end-to-end encryption, decryption, and authentication for personal use. To prevent abuse and spam using the free service, ZSentry Basic users can send a limited number of secure email Zmail messages a day. There is no limitation for reading.

NMA ZSentry is a technology and cross-platform service for secure, usable, and seamless exchange of information for email, webmail, SMS (texting), IM and other services. ZSentry provides standards-based identity and secure services with unique benefits including:

• already integrated with Mail and Single Sign On for Gmail, Google Apps, Outlook, iPhone, Android and other systems;
• does not change email, or how anyone uses email, and yet it makes email better, allaying concerns of impersonation fraud (identity theft), spam and phishing, eavesdropping, and unintended disclosure;
• uniquely allows Mail clients & Cloud apps to send and read secure email with zero added user interfaces (nothing to learn);
• additionally, has an easy-to-use, standards-based SSL user interface for Web browsers;
• enables Encrypt and Decrypt with 1-click in all modes of operation;
• empowers users with unique security and usability advantages of Mail clients over Web browsers in terms of SSL implementation;
• provides seamless Desktop, Web, and Mobile service for on-demand and/or on-site security services including email, webmail, SMS, IM, sales, billing, and archiving;
• uses unforgeable (cryptographic) two-factor authentication and anti-spoofing protection;
• presents a familiar username/password authentication interface that uniquely protects passwords against dictionary attack and does not store passwords or usernames anywhere;
• complies with HIPAA, HITECH, HITECH Safe Harbor, FERPA, FFIEC, GLBA, SOX, U.S. State Security Breach Notification Laws and ISO 17799 regulations;
• no required HIPAA Business Associate Agreement to sign (although a BAA can be signed if desired);
• works with any Web browser and Mail client, including Outlook and Apple Mail;
• integrated with Gmail, Google Apps, and other Cloud apps for sending and receiving secure email directly;
• when sending and receiving secure messages such as email, webmail, SMS, or IM, there is no download, no installation process, no plugins, no digital certificates to buy, publish or send, and no changes at all in client systems;
• less Total Cost of Ownership;
• there are no Java programs or ActiveX controls to trust and update in client systems;
• allows users to send a secure message with a single mouse click on first contact, to anyone, anywhere;
• does not burden recipients with anything more than a single mouse click;
• works with Windows, Mac and Linux.

ZSentry works as a distributed middleware between your existing infrastructure and your existing applications and desktop systems, enhancing functionality, usability, and security without changing the end-points.

Because that's how it has ever been, for more than a generation. Secure email was one of those things that you couldn't really explain to people. It was something that senders and recipients had to see in action, something that they both had to experience, be trained for and make sure was compatible with their OS and devices.

That has all been solved with the launch of ZSentry, which improves, secures, and aggregates user's services on the desktop, phone, and web browser for any OS. Without any service changes, users can send, store, and read secure, HIPAA compliant data on multiple platforms, all at once. User services include email, webmail, SMS, IM, file storage, and single-sign-on. ZSentry is already integrated with leading solutions including Gmail, Google Apps, Outlook, Android, iPhone, and iPad.

Simplicity is the key used by ZSentry to get both security and usability.

ZSentry is a distributed middleware platform. It works in-between what you already have, and that's why ZSentry does not change what you have and lets you get more value from what you have. There is nothing to install either, and setup is optional. ZSentry also includes a 24/7 auditing and self-management system.

With ZSentry, you get more value from what you have. You receive secure email at your usual Inbox, with nothing routed thorough ZSentry, for an email address that you already have. You use your current software, mail clients, cloud clients, ISP or webmail provider, and devices. ZSentry does not receive email and does not host email addresses for users. There is nothing to download or install, no plugins or add-ons. There is no need to change your user interface. There is no POP or IMAP server use.

ZSentry does not change your recipients' or anyone else's email or system either. Everyone keeps what they have, no new investments, no training, no change. Organizations and power-users can also use ZSentry to directly interface with office applications such as Word, and server applications using .NET, PHP, and other languages.

The sender controls how long the recipient may view the message. This is controlled technically by session control, self-destruct, and by legally effective copyright expiration. Even if the recipient takes a picture of the message, use after expiration is a copyright violation. Read more

For email continuity, if the recipient uses ZSentry Client (e.g., with Outlook) the message is decrypted in the mail client and can be stored decrypted for viewing at any time. Again, the sender's copyright restrictions apply but this is likely not relevant within the same organization, for example.

Fast! The usual processing time is less than a second. Just as with regular emails, network delays may, however, result in a slower performance at your location.