The Institute of Financial Accountants (IFA) endorsed the use of RMail secure and certified electronic messaging services to support GDPR compliance. RMail has been identified with the highest rating for email privacy for GDPR compliance in an industry GDPR Compliance Guide. The technology guide identifies top criteria important for European General Data Protection Regulation (GDPR) email privacy compliance, rates a selection of leading technologies across these criteria, and concludes RMail services by RPost is top choice.
There are so many pitfalls to handling email that it’s hard to even imagine. Number one, there’s the client liability issue that could lead to litigation. Second, there’s regulatory issues, which nobody wants. Then there’s the reputation of your firm being damaged because you didn’t protect the privacy of your clients. So, to me, those are all big-ticket items as to why you really need to be very careful out there. Our firm handles tax documents, estate documents and other financial documents, so it really exposes us to those three issues. So, anything we can do to eliminate that is very helpful in what we want to do.
CEO of Melia Advisory Group, which manages over $65 million in assets and uses RMail services.
Importance of Registered Email™ Certified Email Proof of Delivery
The importance of receipt tracking and communication archiving is often taken for granted, but something as simple as keeping track of who said what and when, and whether or not an email was actually received or got stuck somewhere en route are still very common issues even to this day. Part of the compliance issues that financial firms run into is accurate archiving of financial data and client communication. But, an archive of what you claim to have sent is an incomplete record – Registered Email technology provides the verifiable record of what was sent and in fact received, and precisely when. RMail services are built upon this Registered Email technology. So for more substantive and time-sensitive email communication—often times with valuable information and documents involved—confirmed records of when and what was actually received by the recipient can make all the difference in the world, particularly if any dispute arises in the future.
But financial firms needing to stay in compliance of stringent data security and archival requirements set by numerous regulatory agencies face a tough balancing act. Adding layers to any process, especially those involving unfamiliar or burdensome technology raises a host of other challenges.
With RMail, we made sure that it operates in line with how you’re already doing email. We have plugins for Gmail, Outlook, mobile devices and others, so it runs natively within your existing email environment. People don’t have to go to a third-party website, upload files and documents and the receivers don’t need to go through hoops and hurdles to retrieve. It runs in line and doesn’t change the beautiful ubiquity of the way email operates.
Bottom line, the technology has to be simple or people won’t use it, and that can make all the difference in the world.
The most important thing is the concept of simplicity. If it’s not simple, if it introduces even a tiny bit of complexity, then the system may be circumvented. The systems won’t be used, and as a result, you have risk. If it’s not simple enough, no matter how secure it is, it just won’t be used. So it’s really about product design and making sure that you don’t lose sight of the need for simplicity alongside the need for adequate security. For us, the need for simplicity always has to be on top.
RMail specializes in security and compliance with its top-rated email encryption, auditable proof of privacy compliance, secure large file sending, and certified e-delivery services.
RMail runs elegantly inside Microsoft Outlook and Office 365, Gmail, and web browsers, providing one-click options for accounting professionals and their staff to add simple to use security, encryption, and certified email services to their normal workflow.
RMail Customers with a Microsoft email offering with Office 365 (e.g. E3 or E5) choose RMail for its email encryption because of the elegant user experience, especially for the recipient, and for the Registered Receipt proof of compliance and tracking record.
Some of the most popular services for investment advisors are:
Email encryption for privacy compliance automatically delivers email in a unique way to each recipient, creating the simplest user experience for the recipient while returning auditable proof of privacy and compliance to the sender– going far beyond basic TLS and link-retrieval systems. RMail includes different levels of encryption for when it is important to keep messages private from the recipient’s email administrator or email systems like Gmail, and others who may otherwise have access to their email.
RMail transmission encryption is most popular among investment advisory professionals when communicating financial statements, investment disclosures, tax information and other financial data that is strategic to the client. RMail message-level encryption is most popular when communicating confidential financial information that is very sensitive that the client might not want email administrators or others in the company to have access to.
Registered Email™ certified e-delivery tracking and proof with optional encryption provides advanced open and delivery tracking and proof, with timestamped proof of original content legally delivered. It returns to the sender a court-admissible timestamped Registered Receipt email without requiring any action or setting at the recipient level.
Registered Email proof is most popular when a sending accounting professional wants audit-ready proof of timestamped content delivered, when submitting disclosures, opinions, or deadline information of consequence.
Registered Email proof with encryption is most popular when the sender wants audit-ready proof of fact of encrypted, privacy compliant delivery.
RMail Secure File Share One-Time-Box™ — RMail provides privacy compliant secure file sharing. Senders can easily attach and track up to 1GB of files from Outlook or the RMail Web app and send them securely to any recipient with encryption and configurable self-purging options (from 1 to 90 days) in a one-time online storage box that eliminates the risk of download recipients being able to see the sender’s cloud storage file structure.
RMail Secure File Sharing is most popular when sending accounting files, QuickBooks files, tax preparation, and pre-audit and financial review files.
RSign® eSignatures are the simplest to use, most affordable full featured web-based electronic signature service. RSign makes it easy for signers to complete and sign documents using any desktop or mobile web browser in an intuitive, guided signing process.
RSign is the easiest way to obtain client signatures on tax statements, eSign verifications, and other information filled into forms sent by email or posted on websites, with the completed form compiled as a PDF record and with options to automatically back-fill form data into the accounting information management system.
RMail Gateway Secure Send™ makes it easy to automate and ensure HIPAA and PII compliant and auditable encrypted email in all outbound email or for certain messages based on message content, senders, recipients, or patterns inside messages.
RMail Gateway is popular among IT staff as a simple way to automate encryption from certain senders, to certain recipient domains, based on message content or content patterns like client personal social security and financial statement related numbers, or by adding a “#” or another indicator in the subject of mobile device email.
Right Recipient™ reduces risk of sending an email to the wrong person based on Outlook auto-complete address functions. Right Recipient provides an extra check to prevent inadvertent emails being sent to similar names and while checking the address, recommends other options such as encrypting email.
Right Recipient is useful all professions that send critical client information to external parties; in particular those using Outlook address auto-complete functions. This service is provided in partnership with cleanDocs from DocsCorp.
Today, we’re close to 80% adoption for clients using RMail in a very short amount of time. There is a growing awareness of communication even from the RIA’s employees. You may have processes and policies in place for all your employees to follow, but not everybody remembers to do that with every email and every communication. So this is just a safe, secure way to do this.
Founder of RightSize Solutions, which provides IT support and cloud application hosting services for the financial industry. Right Size, which serves RIAs in the range of $300 million and up.
“The stakes are very, very high. RIAs have access to a wide variety of accounts and information, as well as control over those accounts. So you’re not only protecting private information such as social security numbers and things of that nature, but the access to these accounts are truly the key. If someone gained access to one of the custodians and/or trading accounts, as an example, all kinds of havoc could be wreaked across their portfolio. It’s becoming very sophisticated and very targeted. Once a criminal has targeted an organization, they’re going to pound that organization until they find out how to get into the system that they want. Today, we’re close to 80% adoption for clients using RMail in a very short amount of time. There is a growing awareness of communication even from the RIA’s employees. You may have processes and policies in place for all your employees to follow, but not everybody remembers to do that with every email and every communication. So this is just a safe, secure way to do this,” adds Stillman of RightSize Solutions.
“The ability to track your records is so important for a financial advisor because as an RIA, the SEC can come in and audit my records and ask me to produce all the information and communication I had with my clients. So, I need to keep track of that, and a service like RMail allows me to track when communication was delivered to and received by the client. I can show that I’m using RMail encryption services so the clients’ information is protected, which is something you also have to present to regulators to show that you are doing everything you can to protect the clients’ confidential information. Obviously, you’re dealing with very sensitive information and you have to protect that to the best of your abilities,” adds David Hamer, President and Owner of Integrity Asset Management, which provides asset management and financial planning services to individual investors.
“RMail is easy to integrate, provides state-of-the-art technology, and it makes it easy to encrypt email; importantly encrypting email in a way that automatically provides audit-ready proof of GDPR compliance on a message-by-message basis for the transfer of personal data,” adds Kemal Webersohn, CEO of WS-Datenschutz GmbH, Berlin, Germany. “Recipients’ acceptance and the simplicity in communicating with third parties have convinced us to use RMail extensively in our company.”
Nick Hawke, Chief Executive Officer, Association of Professional Compliance Consultants (APCC), in the Foreword of the report, remarked, “This paper marks a significant contribution to the GDPR compliance debate, by providing a robust assessment of the concerns and a powerful methodology to guide practical compliance. It also offers useful parameters that an organization should consider in its selection of an appropriate solution and a perspective on several of the leading offerings.” The report states that GDPR defines what is to be achieved rather than how the requirements should be fulfilled. Consequently, it does not state a requirement to use a specific method of encrypting email, but it does require the handler of consumer non-public and personal information to maintain not only privacy of that information, but also the ability to demonstrate compliance with the privacy requirements. These requirements are discussed in detail in GDPR Article 5 Clause 1(f) and 2, and Article 32 Clause 1(a) and 1(d) which focus on the requirement to protect personal data during transmission with the ability to demonstrate fact of protection of personal data. (Guide available upon request.)
SEC and State Securities compliance, and compliance with regulators in other countries. RMail Registered Email™ service proves compliance with notification, privacy, and records retention requirements. RMail® email encryption and secure file sharing, and RSign e-signatures provide simple to use and automated privacy for compliance with privacy standards internationally, including GDPR, and other state and country regulations protecting personal private information.