One non-negotiable aspect of transactional print and mail is the security of the communication. These documents and statements include PII (personally identifiable information) or PHI (protected health information). Compliance in safeguarding this confidential data must be part of your secure mailing workflows.
Whether you manage this in-house or using a provider, you must be confident that security is top of mind.
What Is Secure Mailing?
Secure mailing describes processes and practices created to ensure customer letters meet security compliance requirements. It involves the entire lifecycle of a communication, from data transmission through delivery.
The process has many stages, and each one needs to be secure by design. There are three main ones:
- Data transmission and processing
- Production and insertion
- Mailing and delivery
Data Transmission and Processing
Transactional print and mail jobs begin with transmitting customer data to the networks, processing it, and preparing it for printing. Even if this is an internal process, you still need security best practices.
For example, we use a proprietary secure processing hub that leverages SFTP (Secure File Transmission Protocol) to receive data. Then, we use PGP data encryption, network segmentation, multi-factor authentication, and other cybersecurity best practices. The entire workflow also meets the compliance requirements of SOC 1, SOC 2, HIPAA, FISMA, and PCI-DSS.
Production and Insertion
Secure mailing also involves the actual printing and preparation of the communications. For it to rate as top-tier secure, you must consider the virtual and physical environment.
Technology plays a big role in production and insertion. We use the White Paper Factory (WPF) to enable dynamic content for each letter. It marries fully digitally composed files with in-line print production and intelligent insertion.
Intelligent insertion powers accuracy. It involves sophisticated insert equipment and barcode scanning of each document to verify what goes inside each envelope. These cameras scan a 2D barcode on each piece of paper to ensure the inserter folds the correct pages in each envelope. Another camera captures an image of the inserted envelope to validate the process.
On the physical side of production, facilities running transactional communications must have security protocols. Those could include 24-7 camera monitoring, restricted access, approved disposal practices, and secure perimeters.
Mailing and Delivery
Once your documents have been inserted and sealed, these letters are ready for the mail stream. Secure mailing must carry over to the handoff. Most transactional print and mail companies partner with presorting specialists to achieve the best postage rates.
This transfer must also have security considerations. It shouldn’t occur until after sealing, and the presorting provider must have the same security procedures as the printer. Otherwise, you could incur unknown risks.
Accessing delivery information must occur within a secure platform, as well. You should be able to track this in real-time for regular letters and certified mail. We provide this with trakPCI, an online business document management system. You can use it to do more than track as well, using the data to run reports and view metrics.
Grading Your Secure Mailing Processes
In evaluating your current workflow, whether internal or outsourced, there are indicators as to how secure it is.
Here are some questions to ask:
- Are processes compliant? If so, how do they demonstrate this?
- How are you sending data? Are encryption and other best practices in place?
- Are firewalls and Intrusion Prevention Systems (IPS) in use?
- Does the facility have physical security measures?
- What’s the process of handout to presorting?
- What technology and equipment support secure mailing?
- Do you or your provider run vulnerability scanning and conduct penetration testing?
- Are you able to audit your vendor’s security process?
If the answers to these questions fall short, you should reassess your secure mailing profile. We can help. Companies trust and rely on us to manage their transactional print and mail. There’s a layer of security in everything that we do. Get started by requesting a consultation.