RE: The reason this has never been a problem is that in most
cases a global or domain password for PDF encryption is not used.
We chose djigzo specifically because of encrypted PDF option. It fits ideally in our business model (employee benefits administration for small and mid-sized businesses, school systems and organizations.)
Since HIPAA mandated standards-based implementations of security controls by all health care organizations that create, store or transmit electronic protected health information we had to secure correspondence with our customers' current and retired employees. The routine should be extremely easy. The S/MIME and other PKI stuff is not an option as you might guess. :).