Information to Pharmacists
_______________________________

Your Monthly E-Magazine
JUNE, 2004

PETER SAYERS

Pharmacy Practice Management Perspective

Encryption - Another Tool to Master

When you send a letter using a postcard, it is generally a brief communication, often accompanied by a photographic illustration.
The message as a whole conveys a snapshot in the life of the writer, but it suffers from one major flaw - it is open for the whole world to read in every detail.
It is possibly the most non-private communication of all.
And the nearest electronic equivalent of the postcard is e-mail.

One e-mail can pass through a dozen fileservers in different locations around the world, and it will be in plain view of all those persons involved in its delivery.
Often e-mails become available to people not entitled to your information, thus breaching basic privacy.

You would not use open e-mail to convey legally private information unless you had some way of coding it, so that its content became known only to the intended recipient.
The practice of coding information so that it is obscure to others is an ancient art and has traditionally been used by army generals during war, diplomats, criminals and spies down through the ages.
The science of communication coding is called cryptography, and is assuming particular importance in the transportation of confidential medical information in this electronic age.
Even pharmacists have used a form of encryption when they used to manually code prescription prices, to reduce the ability of patients to shop around.
Remember?
It utilised the letters a-n-t-o-m-s-u-l-p-h, each having a number allocated from 1 to 9 starting from the letter "a" ($9.85 became p/lm).

More serious issues involve privacy.
Privacy legislation currently in place means that heavy fines, and penalties for deemed unprofessional behaviour in breaching patient privacy, could bring serious disruption to a pharmacy practice unless adequate and accepted security measures are routinely installed and implemented.

Originally, codes (or encryption) relied on the transposition of letters, or the substitution of a letter or a symbol for another.
Knowing the frequency with which letters appear in a particular language can often break the "key" or method of the code employed.
With the advent of fast number-crunching computers, even the most complex of codes can be broken. Encryption strength today is a function of the complexity of the "key" and the current speed of computers (which exponentially increases with time and new advances in computer design and construction).
The complexity of a key is determined by its mathematical formula (algorithm) and its size (measured in "bits").
Thus an encryption system designed today needs to be scalable upwards, to take into account revisions in key strength, as computers and associated software become strong enough to crack the best of existing codes. All codes should probably be changed every five years under current conditions.
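
The letter-frequency attack described above, worked through on the simplest substitution code (a fixed alphabet shift). This is an added example, not part of the original article; the sample message, the key value 11 and the function names are constructed for illustration.

```python
from collections import Counter

# Approximate relative frequency (%) of each letter in ordinary English text.
ENGLISH_FREQ = dict(zip("abcdefghijklmnopqrstuvwxyz", [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

def shift_text(text, key):
    """Substitute every letter with the one `key` places along the alphabet."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)

def chi_squared(text):
    """How far the text's letter counts are from typical English (lower = closer)."""
    letters = [c for c in text.lower() if c in ENGLISH_FREQ]
    if not letters:
        return float("inf")
    counts, total = Counter(letters), len(letters)
    return sum((counts[l] - total * f / 100) ** 2 / (total * f / 100)
               for l, f in ENGLISH_FREQ.items())

def recover_key(ciphertext):
    """Undo each of the 26 possible shifts; keep the most English-looking result."""
    return min(range(26), key=lambda k: chi_squared(shift_text(ciphertext, -k)))

# Constructed sample message and key (not from the article).
PLAINTEXT = ("The patient should take one tablet three times a day with food "
             "and return to the pharmacy for a review at the end of the month")
CIPHERTEXT = shift_text(PLAINTEXT, 11)

if __name__ == "__main__":
    key = recover_key(CIPHERTEXT)
    print(CIPHERTEXT)
    print("recovered key:", key)
    print(shift_text(CIPHERTEXT, -key))
```

The key is recovered from the ciphertext alone, which is why letter-for-letter substitution gives no real protection however the alphabet is rearranged.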

One of the more common encryption systems developed for Internet use is known as Public Key Infrastructure (PKI). This is the system selected by the Health Insurance Commission (HIC) in Australia.

The system relies on the software production of two "keys" which are different, but matched.
One key is a secret or "private key" while the other is called a "public key" because it is made available to anyone who wishes to transmit a confidential message.
A key pair is generated once only for each user, unless security is breached in some manner, and another set has to be generated.

The public key is made available to others through a public keyserver.
Here, an Internet fileserver is used as a storage medium and can only be accessed through a predetermined protocol (already embedded in desktop encryption software).
Once accessed, the public key is used to "scramble" a message, which can then only be unlocked by the person with the matched "private key".
Persons not having the right key will be unable to read the message.

Additional security is available in the form of a digital signature, which is a segment of code generated using your private key. Anyone with access to your public key is then able to verify that the communication is indeed from you, as it goes through the matching process.
A good system will also produce a "message digest", which is a mathematical code applied to your total message when generated.
The recipient, on receipt of your message, will generate an independent digest and compare it with the one sent.
If it matches, you can be assured that the message has not been tampered with, as no two messages produce the same digest.

To ensure that the public key actually belongs to the person it is ascribed to, a process of "signing" or key certification has been developed. Generally, the signer will be an independent, trusted third-party administrator (e.g. Verisign) or it can be the administrator of the actual specific software system.
Keys need to be verified and signed at regular intervals as part of security maintenance, thus creating a "web of trust".

PKI encrypted documents can be distributed by e-mail or through the use of a dedicated fileserver to support the process, acting as the interface for individual recipient download or storage.
This latter process operates like a virtual private network (using software rather than hardware) and is more secure than e-mail.
Instructions to access a fileserver for this purpose are separately and automatically encrypted by the software associated with the fileserver, thus ensuring that "hackers" are unable to hijack your documents for analysis and "cracking".
No patterns are available for analysis.
Even though an e-mail may carry highly encrypted messages, its availability to many people means that your communication can be illegally copied and analysed.
A dedicated "hacker" could then break your code and gain unauthorised access to your information.

Like the postcard, e-mail is an open communications process available to the entire global community.