Encrypting E-mail
Once you have your certificates imported and tokens registered, you can begin sending encrypted messages from within Clinical. When Clinical is started, it detects the presence of the PKI software. When you enter your password, you are prompted to enter your PKI password. The password is stored in the computer's memory until you log out or shut down Clinical. The password is never stored anywhere on the computer's hard disk.
If you have registered a token, you must use the token password and ensure that the token is plugged into the USB port. If you have not registered a token, you can enter the site password and your e-mail is signed and decrypted using the site certificates.
E-mail in Clinical is only available in the Letter Writer. To e-mail a letter, either select on the Letter Writer menu, or click the button on the toolbar. If you have used the Clinical Address Book to choose the recipient, Clinical checks to see whether there is an encryption key for that recipient in the certificate store.
If so, the 'Encrypt with Medicare Australia PKI key' check box is activated and selected. If you do not wish to encrypt the e-mail, then unselect the check box. If you did not choose a recipient when generating the letter, you can select one while in the E-mail window by clicking the small button immediately to the right of the 'Recipient's Name' field. Again, Medical Director checks to see whether there is a certificate associated with that recipient and activates the 'encryption' check box if there is.
When clicking the Send button, Clinical automatically uses the recipient's public key to encrypt the letter before attaching it to the e-mail. It is also digitally signed by your Signature key. If you are using a token, it is very important to ensure that it is plugged in at this point, or your computer may lock up. When the recipient receives the e-mail, they are only be able to decrypt it if they have the correct private key.