PGP, which stands for Pretty Good Privacy, is a software program used to encrypt and decrypt email messages. It was developed by
in 1991. PGP is the most widely used privacy software and has become the standard in email security. PGP is a variation of public key cryptography and is a highly effective method for ensuring the security and privacy of communication sent over the Internet.
How it Works
PGP uses a variation of the public key system. In this system, each user has a publicly known key and a private key known only to that user. You encrypt a message you send to someone else using their public key. When they receive it, they decrypt it using their private key. Since encrypting an entire message can be time-consuming, PGP uses a faster encryption algorithm to encrypt the message and then uses the public key to encrypt the shorter key that was used to encrypt the entire message. Both the encrypted message and the short key are sent to the receiver, who first uses the receiver's private key to decrypt the short key and then uses that key to decrypt the message.
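The exchange described above, sketched as an added example that is not part of the original page or of PGP itself. It assumes a constructed toy RSA key pair and a SHA-256 keystream as stand-ins for the real public key algorithm and fast cipher, so it shows the message flow only and offers no real protection.

```python
import hashlib
import secrets

# Constructed toy RSA key pair built from two Mersenne primes. It is trivially
# factorable and only stands in for the receiver's real key pair.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # receiver's public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # receiver's private exponent


def keystream_xor(key, nonce, data):
    """Symmetric step: XOR data with a SHA-256 counter-mode keystream.

    Assumed stand-in for the fast cipher (IDEA or CAST in the text).
    Applying it twice with the same key and nonce restores the input.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def encrypt(message, pub):
    """Sender: pick a fresh short key, encrypt the message with it,
    then encrypt only the short key with the receiver's public key."""
    n, e = pub
    session_key = secrets.token_bytes(16)
    nonce = secrets.token_bytes(12)
    # Textbook RSA without padding, used here only to show the wrapping step.
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return {"wrapped_key": wrapped, "nonce": nonce,
            "ciphertext": keystream_xor(session_key, nonce, message)}


def decrypt(packet, n, d):
    """Receiver: recover the short key with the private key, then the message."""
    session_key = pow(packet["wrapped_key"], d, n).to_bytes(16, "big")
    return keystream_xor(session_key, packet["nonce"], packet["ciphertext"])


if __name__ == "__main__":
    record = b"Constructed sample record, not real patient data. " * 20
    pkt = encrypt(record, (N, E))
    print(len(record), "byte message;", pkt["wrapped_key"].bit_length(), "bit wrapped key")
    print("round trip ok:", decrypt(pkt, N, D) == record)
```

The expensive public key operation runs once on the 16-byte short key regardless of message length, which is the speed advantage the paragraph describes.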
How PGP encryption works
How PGP decryption works
Application in Health IT
The 1996 U.S. Health Insurance Portability and Accountability Act (HIPAA) mandated confidentiality of medical records transmitted over the Internet. Many health organizations are turning to PGP encryption to protect these files while they are transmitted over the Internet or stored on laptops filled with sensitive data. In contrast to security systems and protocols like SSL, which only protect data in transit over a network, PGP encryption can also be used to protect data in long-term storage such as disk files.
The Health IT industry is beginning to catch on to the power of PGP encryption. For example, as more and more providers use email to communicate with patients, insurance companies and other providers, it has become a primary concern that these communications, which may contain protected personal health information, are secure and that patient privacy is maintained.
Types of PGP
There are two main types of PGP:
Rivest-Shamir-Adleman (RSA) - This version, for which PGP must pay a license fee to RSA, uses the International Data Encryption Algorithm (IDEA) to generate a short key for the entire message and RSA to encrypt the short key.
Diffie-Hellman - This version uses the CAST algorithm for the short key to encrypt the message and the Diffie-Hellman algorithm to encrypt the short key.
While PGP, Inc. owns and sells PGP as a commercial venture, the software is available for non-commercial use (for students and non-profit organizations) from PGP, Inc. and from other commercial and free third-party sources.
Below are links to case studies related to the application of PGP:
Maimonides Medical Center
PGP: Pretty Good Privacy - A text by Simson Garfinkel, published by O'Reilly Media
- A text by Bruce Schneier
- An online tutorial that will show you how to download, install, set up, and use PGP encryption software
web of trust
Public Key Infrastructure (PKI)
International Data Encryption Algorithm (IDEA)