Ronald Mah, M.A., Ph.D.  Licensed Marriage & Family Therapist MFC32136

                                   Psychotherapy for Children, Teens, Adults, Couples, & Families, Consulting, & Training

          433 Estudillo Ave., #305, San Leandro, CA 94577-4915 - Office: (510) 614-5641 - Fax: (510) 889-6553 - e-mail: Ronald@RonaldMah.com - website: www.RonaldMah.com

            Map Link to Office         HOME       about Ronald    Blog on Teens  Articles    Therapy & Counseling    Coaching    Workshops & Consulting    Handouts    for Therapists    Books    DVDs    Links      Contact    LinkedInMake Payment  Schedule Monthly Payment

Books by Ronald Mah

 

Calligraphy for "Learning" in

Handouts

(Mini-Posters)

 

DVDs

by Ronald Mah

on Children's Behavior,

Discipline, and Child

Development at

                   

Articles

for Parents, Teachers, Educators, and Human Services Professionals

 

Consulting,

Parent Education,

& Staff Development Workshops

& Trainings

 

Professional

Development

Workshops, Articles, & Consultation,

for Therapists

 

Therapy & Counseling

 

Coaching

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Vulnerabilities and Limitations of Online Communication and Encrypted E-mail*

 

+ Current online communication is not confidential

+ Normal e-mail and other online communication is vulnerable to hackers

+ Normal e-mail parsed by Information Technology (IT) corporations and government for collection and sales of personal and business information

+ Confidential online information/records and communication vulnerable to unsanctioned access by internal personnel of IT corporations

+ Encrypted e-mail is cumbersome to set up and limited in utility

*Why PrivateTree technology is used in the practice of Ronald Mah, M.A., Ph.D.

 

Vulnerabilities for Users of Online Communication

Current use of ANY e-mail online for communication between users, including professional and client is NOT confidential communication. This includes those hosted by popular free services such as gmail.com (Google), Yahoo, and so forth.

Video conferencing including services such as Skype or FaceTime used by professionals for online consultation, counseling, or therapy is NOT confidential communication.

Fax communication has transitioned largely to the digital data network.  Thus, fax communication is no longer secure as when faxes were connected using copper-to-copper wires.  Using fax, unless both ends are encrypted fax machines, is NOT confidential communication.

 

Systematic Parsing of Information by IT Companies 

Common e-mail messages are sent in open from through the data network comprising of many business entities.  The messages are parsed into multiple parts and transmitted separately to as-available servers all over the Internet.  This happens repeatedly until the pieces of information are gathered again in the e-mail endpoint servers that finally delivers the message to the recipient's inbox.  Every step of transmission and re-transmission is vulnerable to being accessed by a multitude of entities, not to mention individual hackers.  Although, these entities may include well-known information technology corporations, none of these business entities are part of the legal “business associates” ecosystem, for example required by HIPAA to sign a contract stipulating confidential practices for handling information.  Each corporation run their own business practices and security/backup procedures.  

 

Through such open methods described, information technology businesses now systematically analyze and collect personal and business information from e-mail and other online communication such as social media for sale to interested companies for marketing and other purposes. Domestic and foreign governmental programs may also analyze and collect information for various purposes.  Hypothetically, frequent or periodic e-mail communication (even limited to scheduling) between a client and professional such as a psychotherapist known to specialize in sexual addiction therapy may be collected and analyzed for inferences about the client and/or the psychotherapist.

 

Internal Vulnerabilities Within IT Companies

Information technology businesses also may have internal vulnerabilities within their infrastructure that business personnel may use to access and collect confidential information.   In other words, while information technology business may be arguably secure from outside hacking, information can be pirated by company employees.  "The ASIS (American Society for Industrial Security) survey confirmed what information security experts have been saying for years: The single greatest threat to corporate intellectual property is trusted insiders--current and former employees, temps, onsite contractors, consultants, partners and suppliers. (Denning, D. E., Who's Stealing Your Information? ).  "…in a …survey of 2,000 employees, 23 percent admitted to having accessed or taken confidential data from their workplace, with one in ten stating that they do it regularly," (Employees admit to accessing or stealing private company information, Help Net Security, .  Such information breaches may be then used for private use or possibly for illicit activity.  

Besides more technologically sophisticated techniques, documents can be downloaded onto external hard drives and thumb drives or using e-mail by a staff person such as an engineer with access to company information (Alston, J., Law360, Engineer Admits To Stealing Secrets From Becton, Bard,

53 percent of respondents downloaded information onto a CD or DVD,

42 percent onto a USB drive and 38 percent sent attachments to a personal e-mail account.

79 percent of respondents took data without an employer’s permission.

82 percent of respondents said their employers did not perform an audit or review of paper or electronic documents before the respondent left his/her job.

24 percent of respondents had access to their employer’s computer system or network after their departure from the company. (More Than Half of Ex-Employees Admit to Stealing Company Data According to New Study

 

For other reports on internal security breaches of confidential information:

Rogue Google Engineer Tried to Steal Your Information,

Google engineers knew for TWO YEARS that the company's Street View cars were stealing emails and passwords via wi-fi,

Colleagues In Cuffs: When Employees Steal Patient Records

Departing employees and data theft

 

Limitations of Encrypted E-mail

The available technology (aside from PrivateTree's innovative encryption-secured technology) most often recommended- encrypted e-mail is technologically challenging, burdensome or impractical.  It is also expensive for many or most individuals including individual practitioners and small agencies, and also significantly limited for utility in comparison to the technology offered by PrivateTree. 

Encrypted e-mail using asymmetric encryption requires an individual to install a security program (software) on his or her computer to establish a "public key."  When another person with whom confidential communication is desired, then can send a message using what is called a "public key" from his or her computer.  This creates the specific identifying information and passwords.  Upon reception, the first individual uses a "private key" to access the message.  This is only one-way confidential communication to the originator of the public key.  Symmetric encryption or "single-key" or "private key encryption" shares a single key between sender and receiver based on an agreed shared password.  This process of collaboration and coordination creates only a one-to-one confidential connection.  The process has to be repeated for each additional person the original person wishes to connect confidentially with.  This creates significant pragmatic time-consuming coordination burdens.  For information about encrypted e-mail visit the following sites:

How Does Secure Email Work?,

How Public Key Encryption Works

How Does Email Encryption Work? 

 

PrivateTree Technology Used in Ronald Mah's Practice

PrivateTree technology is designed so that PrivateTree engineers, staff, and other personnel, as well as cloud server vendors, cannot access subscriber communications.  Subscriber communications remain encrypted within PrivateTree rendering them nonsensical to all but the subscriber and invited individual in their private room.  This encryption-secured design is a key reason for the U.S. Patent Office conferring a patent to PrivateTree for this unique technology. This provides efficient and easy to use online communication between Ronald Mah and his clients without the high vulnerability to others breaching the confidentiality of client information.  Using the client's email address, a message through regular email will invite the client into a private confidential room accessible only to Ronald Mah and the client.  The client only has to follow the link provided, choose a password, and the confidential room is established.  Separate confidential communication rooms may be established to include relevant persons such as other professionals and/or family members if deemed appropriate.  The PrivateTree rooms may be used for basic communication for scheduling but also for enhancing client growth and progress.

 

 

 

 

     Map Link to Office              HOME      about Ronald      Articles     Therapy & Counseling     Workshops & Consulting     Handouts     for Therapists     Books     DVDs     Links     Contact       
 
433 Estudillo Ave., #305, San Leandro, CA 94577-4911 Office: (510) 614-5641 - Fax: (510) 889-6553 - E-mail: Ronald@RonaldMah.com 
 
Send mail to Ronald@RonaldMah.com with questions or comments about this web site.
Copyright © 2007 Ronald Mah, M.A., Ph.D.
Last modified: July 27, 2014