What we did is create a "sharing" IMAP Gmail account with https set as a requirement in the Gmail settings. Then all persons who will need to have the ability to send/receive secure communication get login credentials for this shared Gmail account. (Granted, anyone who has access to this account can read any messages, but we obviously could create other shared email accounts as needed to deal with smaller groups.)
With that set up, when someone needs to send a secure message, they send (via email or AIM) notification to the other parties that they are posting a secure communication. Then, using the wonders of IMAP Gmail, they create a message on the shared Gmail account via an encrypted SSL connection (with no To: addressee ... just to be sure it doesn't accidentally get sent!), and save the message as a Draft. (On the iPhone, to save a draft, you compose a message and then choose Cancel -- it will then ask if you want to save it as a draft.)
Once the Draft is saved, the users who need the message and have the login credentials can access the Gmail account via an SSL encrypted connection from any computer or iPhone. Once they have the info, they then delete the Draft message.

