Aspida Mail uses Identity Based Encryption (IBE) to encrypt email messages containing electronic protected health information (ePHI). When a user sends an email the ASPIDA Mail server applies various policies to the email. If a policy or rule match is found, the mail server encrypts the email with a public key using the recipients email address and sends a notification to the recipient.
The notification email contains an HTML attachment, with instructions and links informing the recipient how to access the encrypted email.
If this is the first time the recipient receives such a notification, the recipient must follow the instructions and links to register on the Aspida Mail server before reading email.
The recipient will be asked to answer 3 security questions and create a password the first time. Please note that this password directly correlates with the email address that the secure message was sent to, any subsequent messages sent securely to this email address will require this same password.
If the recipient has registered with the Aspida Mail server previously, the recipient only needs to log in to the ASPIDA Mail server to read email.
When the recipient opens the mail on the ASPIDA Mail server, the email is decrypted automatically.
Note: Recipients of secure mail have a time window of 30 days to register before the registration expires.
After 90 days of inactivity recipient accounts are terminated by the mail server. If a recipient receives another secure mail after the 90 days they will need to register again.
Secure mail will be saved on the mail server for 180 days.
Recipients who have forgotten their log in password and request a password reset will have 1 hour to complete the password reset.