Identity Theft

Google Improves Privacy Protection With Encrypted Gmail

Comments 0 Comments

Since news outlets have reported the extent of the National Security Agency’s surveillance activity monitoring Americans, some consumers may be uneasy about the thought of agents looking over their emails. However, many tech companies have begun to fight back with added encryption techniques. Google, for example, has begun to encrypt all of its traffic between email users, email servers and data centers.

Users can check the security of a site for themselves by looking at the website’s URL. If a website has https:// in front of it, than that means it is using encryption to keep hackers from spying on your data.

Google made encryption between data servers a priority after the revelations last summer that the NSA kept surveillance on sites like Gmail to read emails.

“Our commitment to the security and reliability of your email is absolute, and we’re constantly working on ways to improve,” said Nicolas Lidzborski, Gmail security engineering lead.

HIPAA Compliance & Google

Encryption is crucial for keeping data secure in the health care industry, as health companies must comply with privacy rules derived from the Health Insurance Portability and Accountability Act. Google has been making major advances in compliance practices that are specific to the health care industry, according to Health IT Security. This time, the tech company has added features to its cloud service, allowing for Business Associate Agreements (BAAs) between health care industry users and the Google cloud. Google first added HIPAA-compliance BAAs to its services last year in October. Google’s website indicates it offers BAAs for Gmail, Google Calendar, Google Drive and the Google Apps Vault.

Previously, the Oregon Health and Science University  was reprimanded when it stored HIPAA-protected data at Google without signing a BAA. Google has since created a streamlined process for signing a BAA.

The process has Google asking the following questions:

  1. Are you a covered entity (or business associate of a covered entity) under HIPAA?
  2. Will you be using Google Apps in connection with protected health information?
  3. Are you authorized to request and agree to a Business Associate Agreement with Google for your Google Apps domain?

Google & Email Security

With the upgrade to encrypted email, Google is now successfully able to prevent nearly all email account data breaches, according to Dark Reading. It has so far reduced the number of Google account compromises by 99% as of last year. According to Mike Hearn, a security engineer with Google, there is a system of risk analysis in place that determines the likelihood that a person signing into Google is truly the one who owns the Google account. This system uses 120 variables and occurs every single time someone logs into Google, whether it is every five minutes or every month.

More on Identity Theft:

Image: iStock

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Find out where you stand.
Get your FREE personalized credit report card.

Sign Up Now
X

Stay Connected to your experts

Please submit your email address to get credit & money tips & advice
from our team of 30+ experts, delivered weekly to your inbox.