Cloud Maven’s “Secure Data Transports” has seamless integration with PauBox. PauBox Paubox offers a comprehensive set of features and services to make key management and encryption of PHI easy to manage and simpler to audit, including the Key Management Service (KMS). Master keys in KMS can encrypt/decrypt data encryption keys used to encrypt customer PHI. Data encryption keys are protected by customer master keys stored in KMS, creating a highly auditable key hierarchy as API calls to KMS are logged.
...
SF user will compose an email using a custom screen inside salesforce. The user will click on the “Send” button, which will trigger the email and an email record inside salesforce attached to the entity.
The system will invoke an HTTPS Rest API requests to PauBox to send the email. Data in-transit will be encrypted using TLS 1.2 or TLS 1.2+ protocol, and data at rest is encrypted using the AES 256 encryption.
The patient/customer will receive the encrypted email. If the patient/customer is using a browser(email client) that supports TLS 1.2 or TLS 1.2+, the customer will see the email; else, they will see a hyperlink inside the email, which will take the user PauBox hosted secure page.
The patient/customer email server will send the delivery status back to the PauBox.
Salesforce will pull the delivery data(~12 seconds) using API over the HTTPS connection and email messageId in the salesforce(This Id will be used for the threading of the patient/customer response).
Cloud Maven, Inc doesn’t store nor transmit any data using our servers. We don’t have access to the client’s data in-transit or rest.
Data at rest outside salesforce is encrypted using AES 256 encryption. Data is salesforce can be encrypted using the salesforce shield product.
Schema Diagram - All data will be stored inside salesforce. “Secure EmailMessage” can be linked to any object.
...