be Smart.
be Secure.
Phone: 800-441-6612
How it Works
Learn More

How it Works

HIPAA Compliance requires that the transfer of any sensitive or confidential patient health information (ePHI) over the Internet is done securely. Our SecureLine email encryption system is designed to do just that. SecureLine seamlessly integrates the following modes of secure email communication to ensure that you can securely communicate with anyone, no matter what kind of email system they are using.

  • SMTP TLS - SMTP TLS enables mail servers to pass email between themselves in a secure manner even if the messages themselves are not internally encrypted. TLS provides secure email delivery to recipients whose email servers support TLS.
  • SecureLine Escrow - SecureLine Escrow requires that a recipient actively verify his or her identity before he or she can access a message at a secure web portal. Escrow provides secure email delivery, authentication, and auditing to anyone with an email address
  • SecureLine PKI - SecureLine PKI uses certificates (PGP & S/MIME) to internally encrypt email messages before sending them to the recipients. The recipients must also be using PKI for this method to be useful.

Required Legal Forms

LuxSci requires a signed Business Associates Agreement (BAA) and a signed Account Restrictions Agreement (ARA) in order to certify your account as HIPAA-compliant.

SecureLine Meets Your Compliance Needs

When you sign up for our HIPAA-compliant Email, SecureLine will ensure that all email messages sent via SMTP or through our WebMail interface are sent securely to any recipient, while remaining flexible enough to allow exceptions where appropriate for usability. The chart below shows how SecureLine can be adjusted to fit the scope of your compliance.

Who sends ePHI? Is non-ePHI sending required? Solution


Never Full account-wide lockdown. All users are required to send securely. Insecure sending is entirely prohibited.


Occasionally for some users Account-wide lockdown with opt-out enabled. All users are required to send securely, but certain users are permitted to opt-out on an individual message basis. All opt-outs are logged.


Occasionally for all users All users have logins to two separate domains — one for secure sending (typically a subdomain), and one for non-ePHI sending. The secure domain is completely locked down to prohibit non-ePHI sending.

Some Users

Never Majority of users have logins in a non-HIPAA domain, while the few that send ePHI have logins in a different HIPAA-secure domain (typically a subdomain). The secure domain is locked down to prohibit non-ePHI sending.

Some Users

Occasionally Majority of users have logins in a non-HIPAA domain, while the few that send ePHI have logins in a different HIPAA-secure domain (typically a subdomain). The secure domain is set to allow opt-outs. All opt-outs are logged.

Final Review

Your security settings are locked down as soon as your account is created. Once we have your signed BAA and ARA, LuxSci gives your account a final review to make sure everything is in order. At this point your account is considered HIPAA-compliant.

Users are locked down to certain security settings based on whether they will be sending ePHI or not:

Feature Sending non-ePHI Sending ePHI

Global enforcement of outbound email encryption via WebMail

Global enforcement of outbound email encryption via SMTP

Opt-out of secure sending

Forced secure logins for all services

Email forwarding only over TLS

Insecure forwards and aliases allowed

WebAide encryption allowed

Auditing of Blog, Document, and Password WebAides

Password strength requirement

Strength may vary 8+ Alphanumeric + Hard to Guess

WebMail session timeout after inactivity

Length may vary up to 3 hours

Beyond email sending, LuxSci ensures compliance of your email and other data (e.g. WebAides, Widgets, etc.) per the terms of our Business Associate Agreement with you.

Starting at $12/mo
Sign Up
Special Offer
Free HIPAA Setup Fee with 10+ email licenses

"As a dentist, I'm glad I found LuxSci to walk me through the process of becoming HIPAA-compliant! Once I signed up, Connie and Peter both helped me setup get situated with my secure email service. Getting my Business Associate Agreement also a snap. Thank you LuxSci. Now I can concentrate on treating patients!"

—Allen Job, All Smiles Pediatric Destistry

TRUSTe Privacy Certification Refund Policy Thawte Extended Validation SSL Certificate
McAfee Secure TRUSTe Privacy Certification Thawte Extended Validation SSL Certificate Refund Policy
• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries