Doctors and Healthcare professionals use emails every day, however, the standard daily used email services are not HIPAA-compliant, and they often not designed to transfer and share ePHI (Protected Health Information). In this article, we are trying to shed some light on the most HIPAA-compliant email services for the healthcare enterprise.

Features of HIPAA-compliant email services:

  • Restrict access to PHI (Protected Health Information)
  • Ensure 100% message accountability
  • Business Associate Agreement
  • Encryption
  • Auditing
  • Data Wipe
  • Archiving

HIPAA complaint email services

1- G Suite: HIPAA compliant business services for healthcare professionals & the enterprise


G Suite is a business suite by Google that is providing cloud-based business apps including email, file sharing, spreadsheets, calendars. G Suite is HIPAA  as it aims to seamlessly replace many other applications for healthcare.  So basically you are using the free services like Google Forms, Sheets, Calendar, & Drive but with options that support multiple users and more space.

Main GSuite Features:

  • Google suite: Drive, Forms, Email, Chat, Messaging, Calendars
  • Business Emails
  • Team messaging
  • Voice and Video calling
  • Shared calendars
  • Drive: Collaborative documents creating & sharing
  • Backup  & Data loss prevention
  • Version control of the documents
  • Full mobile support iPhone/ iPad (iOS) & Android

Pricing: starts from $6/ user a month

2- ProtonMail HIPAA & GDPR compliant email service

ProtonMail in Action

ProtonMail is a secure email service based in Switzerland, It provides highly secure encrypted emails with easy to use interface, that does not require much configuration or technical skills to use or configure.

ProtonMail is GDPR- & HIPAA- service. Which makes is usable for healthcare professionals and patients in the USA and EU.

ProtonMail has a web version that works well in all major web browsers also has iOS (iPhone) and Android apps for mobile users.

ProtonMail code is released as a free open source for developers, ProtonMail developers have released several projects that are open to fork and use for open source community.

ProtoMail Features

ProtoMail features in free plan:

  • End-to-end encryption
  • Anonymous Email
  • User-friendly Design
  • Labels/ Folders and Tagging
  • Filters
  • Full-Text Search
  • Contact address that supports import and export

ProtoMail features in For paid plan :

  • Encrypted emails
  • Custom domains
  • Multiple Email Aliases
  • VPN support
  • Multi-user management
  • More disk space

Pricing: Free plane, Paid plan

3- HushMail: Secure email service

HushMail is a free webmail service that is HIPAA-, It provides a web version, mobile apps for iOS (iPhone) and Android. HushMail is custom for healthcare professionals, its customed for other sectors that require privacy for their users and customers like NGOs and Legal (law).

HushMail is GDPR and HIPAA-, so it works well for the EU as well as USA users/ enterprises.

HushMail main features

  • Custom domain
  • Web forms
  • Ads-free
  • Unlimited Email Aliases
  • Webmail
  • Native Mobile Apps for Android and iOS (iPhone/ iPad)

HushMail HIPAA features:

  • Encrypted emails
  • Encrypted forms
  • Encrypted messages with passphrase or security question.
  • Email Archiving
  • Encrypted email on your iPhone for Healthcare professionals: doctors, nurses, and medical teams.

Pricing: Commercial starts from $49.98  for Hushmail Premium (Annual fee)

4- MD OfficialMail

MD OfficialMail is a HIPAA- email service, that supports end-to-end encryption.

MD OfficialMail Features:

  • End-to-end encryption
  • Automation features to ease the workflow
  • Support encrypted and non-encrypted messaging
  • Secure Documents attachment support
  • Crypt-n-Send email support for other email services
  • Secure patient forms
  • Secure contact forms
  • Secure Fax

Pricing: starts from $2.03/month per mailbox

5- Paubox

Paubox is another HIPAA  email encryption service for healthcare enterprise, it supports other email services like G Suite,  Office 365, and Salesforce.  The company behind Paubox provides several email security tools to ensure more security for its enterprise users. The security tools of Paubox includes powerful secure API for developers to integrate encrypted messaging/ emails to their systems, Email DLP suite to ensure there are no email/ data leaks from their user's email boxes. Paubox has gained HITRUST Certification.

Pricing: Starts from $10/ month per user (The Standard plan)

6- PBHS-Secure mail

PBHS Secure Mail is a webmail service of a company specialized in medical/ healthcare web services, Their SecureMail is designed to transfer PHI (Protected Health Information), aiming to provide an email platform for doctors, dentists, labs and hospitals.

Features:

  • Web-based
  • Mobile version
  • Multi-doctor collaboration
  • Documents sharing including medical documents (PDF, Docs, jpeg, GIF)
  • Simple setup
  • Integration with MS. Outlook
  • ONLINE PATIENT REFERRALS
  • DICOM/ PACS integration
  • DICOM Images support
  • Large file attachment size up to 100mb.

Pricing: $10.00/month per email account.

7- LuxSCI

LuxSCI (SecureMail) is a company focused on providing secure tools for the healthcare enterprise.  It provides secure messaging, email service, secure forms, and secure hosting as enterprise services for healthcare service providers: Hospitals and Clinics.

LuxSCI HIPAA  email features:

  • Encrypted email
  • Outlook integration
  • ePHI (Personal Health Information) ready
  • Secure hosting for GSuite and Office365
  • Email filtering
  • Email Archiving
  • Quarantine & emergency Inbox
  • Spam protection
  • Mobile Synchronization.
  • Collaboration
  • File storage
  • Secure CalDAV and CardDAV  Synchronization
  • Remote device wipe for compliance
  • Access controls and login audit trails
  • Backups and email archival

Pricing: Starts from $30/ month for  50 users

8 - MailHippo

MailHippo is a mail service for ePHI (electronic Protected Health Information), It provides secure email service for healthcare professionals.

MailHippo Features:

  • End-to-end encryption
  • Web client
  • Responsive design
  • Message re-call
  • Branding
  • Message expiration
  • Branding
  • HIPAA Business Associate Agreement (BAA)
  • ePHI access logs
  • ePHI is safeguarded

Pricing: Free for Beta with some limited options, Paid version starts from $6.95/ user a month.

9- Aspida: Email

Aspida is a company that provides data security, backup, and email services. Aspida email service is HIPAA compliant. It comes with several features that ease its integration with other services and simplify migration from other services as well as GSuite.

Features:

  • Email Encryption
  • GSuite integration
  • Outlook integration
  • Windows Live Mail support
  • IMAP support

Pricing: Aspida pricing starts from $10/ month per email box.

10- Enguard

Enguard is HIPAA compliant email service aims to provide trusted ePHI emails for healthcare service providers. They have many features and an affordable price.

  • Email encryption
  • Secure Email hosting (HIPAA  email hosting)
  • TLS 1.2 & 256-Bit Email Encryption
  • Data loss prevention
  • Live Messenger with end-to-end encryption
  • Business Associate Agreement
  • Migration support
  • Real-time backup and recovery
  • End-to-end encryption

Pricing: Starts from $15/ month (5 users).

11- HIPAA Mail by Adelia Risk

HIPAA Mail is a HIPAA compliant email service designed for smaller medical practices and solo practitioners. It incorporates Google's G Suite with transparent secure email and advanced phishing protection. Adelia Risk takes care of the setup and proper configuration.
Pricing: $49/user/month

Note: If you recommend any other service we would be more than happy to add it.