I hate getting bills in the mail. I really do. Now people I owe money to are offering me the ability to receive bills via e-mail. I don’t know that I’d like that any better, but I do see the convenience in it. And from the perspective of the biller, it could save a whole lot of money. 

My first objection to receiving bills in the mail was one of security. I don’t really want other people to know how much I owe, so if a company wants to send me an electronic past due notice, it had darn well better be private. Most companies that facilitate electronic billing have answered the security issue to one degree or another, but my second concern there is one of complexity. I don’t want to have to download software or go to any extra trouble to allow somebody to send me a bill.

Uncle Sam through a pair of bills has mandated the security aspect of it: the Gramm Leach Bliley Act, and the HIPAA (Health Insurance Portability and Accountability Act). HIPAA specifically relates to the privacy of patient data in the healthcare arena, and if you wade through about a thousand pages of the Federal Register, you’ll find out that it basically means that anyone storing electronic patient data of any sort has to use security precautions to safeguard that data and keep it private. The Gramm Leach Bliley Act mandates the same sort of security in the financial services marketplace.

Encryption is especially important to organizations that have to comply with one of these two regulations, but anyone sending an e-bill can benefit from it, and anyone receiving an e-bill that has been encrypted can feel safe in the knowledge that online snoops can’t discover what your bank balance is, who you owe money to, or what your account number may be.

Companies like Sigaba (http://www.sigaba.com) have provided solutions for moving invoicing and statement presentment online securely. I tested it out, afraid that it would involve a lot of complicated installation and management of all the bells and whistles. For the end user who actually receives the invoice though, there’s nothing to it. I had them send me a test invoice via e-mail. It comes in the form of a brief message and an HTML attachment. When I clicked on the attachment, I was asked for a password, and then was presented with the document. It was that simple. Because the message came as an attachment, instead of requiring me to link back to it on a remote server, one possible vulnerability was closed.

When you authenticate yourself and click on the attachment, it is automatically decrypted and appears in your browser. The biller can keep track of who actually opened each statement, and when. If you’re a biller, this could be a good collection tool. This means I can no longer say, “It must have gotten lost in the mail” when the collections department comes calling.