Email security

Made simple

  • No setup required — encryption is automatic.
  • Automatic encryption and decryption gateway
  • Compatible with all email programs and devices
  • Plugin for Outlook
  • WCAG 2.1 AA compliant message portal

Made flexible

  • Free SecureSend portal for people to send you secure messages.
  • Brand your portal and email notifications
  • Optional content-driven encryption
  • Optional encryption "Opt Out" for HIPAA

SecureLine In Action

LuxSci accepts messages through API, SMTP, and WebMail. These are passed to the proprietary SecureLineTM encryption engine. SecureLine gathers information from numerous sources to dynamically determine the optimal email encryption method to use for each recipient. The messages are then encrypted and securely delivered.

Everything is automatic and dynamic. The sender does not have to do anything.

SecureLine encrypts your email

About SecureLine

A lot can happen on the digital path from sender to recipient. Attackers are finding more ways to intercept and scan emails for sensitive or confidential information, so it's important to take precautions. To ensure your emails are always private, especially those holding confidential information, you want to protect your cyber presence with an advanced end-to-end secure email encryption. LuxSci's SecureLineTM provides an encrypted and secure solution for emails to be sent from any customer to any recipient. SecureLineTM has been around since 2005 providing a comprehensive, easy-to-use email security solution for mobile devices, desktop applications, and LuxSci's WebMail. SecureLineTM is also HIPAA (Health Insurance Portability and Accountability) compliant, making it the perfect solution for medical and health care professionals sending ePHI in email messages.

How SecureLine Email Encryption Works

HIPAA compliance requires that the transfer of any sensitive or confidential patient health information (ePHI) over the Internet is done securely. Our SecureLineTM email encryption system is designed to do just that. SecureLine seamlessly and dynamically integrates the following modes of secure email transmission to ensure that you can securely communicate with anyone, no matter what email system they have.

  • SMTP TLS - SMTP TLS enables mail servers to transfer email between themselves in a secure manner, even if the messages themselves are not internally encrypted. TLS provides secure email delivery to recipients whose email servers support a sufficint level of TLS (which includes about 85% of recipients). LuxSci fully supports TLS, MTA-STS, and uses only FIPS/NIST-recommended security protocols and ciphers.
  • SecureLine Escrow - SecureLine Escrow requires that a recipient actively verify his or her identity before s/he can access a message via a secure web portal. Escrow provides secure email delivery, authentication, storage, transmission, and auditing for messages to anyone with an email address. Which is better: TLS or Escrow?
  • SecureLine PKI - SecureLineTM PKI uses public key certificates (PGP and/or S/MIME) to internally encrypt email messages before sending them to the recipients. The recipients must also be using PKI for this method to be useful.

Extremely Flexible Encryption

HIPAA requirements are extremely vague and decisions on risk, security, usability and applicability are generally in the hands of each individual organization. As such, LuxSci's email security system is uniquely flexible, allowing you to "dial in" where you need to be on the spectrum from high usability to high security.

For those who wish to leverage of the easy of use offered by SMTP TLS as much as possible, LuxSci offers some very unique features:

  • Dynamic TLS: LuxSci determines dynamically, at the time of message delivery, which of your recipients support TLS and which do not. For those that do not, LuxSci automatically falls back to Escrow or PKI for secure message delivery. You do not have to pre-configure anything to use TLS to the maximum degree possible. You also do not have to worry about messages being delivered insecurely to people who do not support TLS.
  • Exclusive TLS: When the ease of opening email messages is more important than email delivery (e.g., for email marketing), TLS Exclusive is appropriate. With this technology, Dynamic TLS is used to determine which recipients will get your messages securely over TLS. Messages to everyone else will be automatically dropped. This is ideal for securing all your email using TLS, while not annoying the 10-15% of recipients using poor email systems with portal-pickup email messages.
  • Upgrading Encryption: Use a button in WebMail, options in our API, or content triggers in SMTP to upgrade individual messages from TLS-only delivery to stronger levels of encryption, such as Escrow, on demand.

There are many, many other flexible options in Secureline, including:

  • Selective TLS: Instead of using TLS everywhere possible, you can instead choose to use TLS only with specific recipients and/or domains.
  • Opt Out: On a per-message basis, you can permit users to disable the need for any special encryption.

SecureLine Meets Your Compliance Needs

When you sign up for HIPAA-compliant email, SecureLine ensures that all email messages sent via SMTP, API, or our WebMail interface are sent securely, while remaining flexible enough to allow exceptions where appropriate for usability. The chart below shows how SecureLine can be adjusted to fit the scope of your compliance.

Who sends ePHI? Is non-ePHI sending required? Solution
Never Full account-wide lockdown. All users are required to send securely. Insecure sending is entirely prohibited.
Occasionally for some users Account-wide lockdown with opt-out enabled. All users are required to send securely, but certain users are permitted to opt-out on an individual message basis. All opt-outs are logged.
Occasionally for all users All users have logins to two separate domains — one for secure sending (typically a subdomain), and one for non-ePHI sending. The secure domain is completely locked down to prohibit non-ePHI sending.
Some Users
Never Majority of users have logins in a non-HIPAA domain, while the few that send ePHI have logins in a different HIPAA-secure domain (typically a subdomain). The secure domain is locked down to prohibit non-ePHI sending.
Some Users
Occasionally Majority of users have logins in a non-HIPAA domain, while the few that send ePHI have logins in a different HIPAA-secure domain (typically a subdomain). The secure domain is set to allow opt-outs. All opt-outs are logged.

eBook: HIPAA-compliant Email Basics

Safeguarding your healthcare practice and protecting patient privacy

Book 1 in the LuxSci Internet Security Series.

Created by Erik Kangas, PhD

Get the HIPAA eBook

We were looking for a reliable host, with emphasis on securing our client's data, and LuxSci was a great fit. The LuxSci team is superb with their support, always quick, very responsive and highly professional. The server itself is robust and fast. And most importantly, it provides the level of security we were looking for."

Nicole Hiegl . Site administrator, and