HIPAA Compliance for Microsoft 365, Google, Exchange

Secure Connector
For Your Existing Email

LuxSci's Secure SMTP Connector hooks on to your existing Microsoft 365, Google Workspace, Exchange, or other email hosting service, making your outbound email sending secure and HIPAA compliant.

Some Quasi-Compliant third-party services offer HIPAA Business Associate Agreements, but either lack a HIPAA-compliant email encryption solution (Google Workspace), or a have relatively poor one (Microsoft). LuxSci's HITRUST CSF certified solution fills that gap for you.

Talk to an Expert

TRUSTED BY

The Secure Connector

Secure Connector Secures Email from Google Workspace and Microsoft 365

Plans and Pricing

Pricing is based only on the number of end users whose email will be transmitted and secured through LuxSci.

Users	Infrastructure	Price
10-50 Users	Shared	$7/user	Order
50-95 Users	Dedicated	$7/user	Order
100-245 Users	Dedicated	$6/user	Order
250+ Users	Dedicated	Ask Sales	Order

All Plans Include
HIPAA-compliant: Business Associate Agreement
HIPAA-compliant: Send ePHI in your email messages
Email Sending via SMTP
Email Sending via API
Bounce Tracking
Open & Click Tracking
Feedback Loop Tracking
SPF, DKIM, DMARC Support
Authentication and Report Account-Wide and per-User
Email Archival	available
Ticket, Chat, & Phone Support

The server included is a Business Class Server with enough horsepower to enable sending for indicated number of users. If you are interested in faster sending, larger-scale sending, a multi-server solution, Enterprise Class servers, extensive API usage, or other custom configurations, Contact Sales.

LuxSci SecureLine Email Encryption

Secure Connector messages are delivered to LuxSci via SMTP. They are then passed to the proprietary SecureLine^TM encryption engine. SecureLine gathers information from numerous sources to dynamically determine the optimal email encryption method to use for each recipient. The messages are then encrypted and securely delivered.

Everything is automatic and dynamic. The sender does not have to do anything.

SecureLine encrypts your email

Better Security through Isolation

Unlike other SaaS solutions that place all client data in a shared cloud, LuxSci is unique in that it can provide each client with their own dedicated server, cluster, or unique custom deployment. This can be compared to having one's property secured in a moated castle versus a communal camping site. The solution is more reliable, ensures consistency, and vastly improves the overall security of your data.

Dedicated environments are better than shared clouds

Outbound Email Relaying is called "Smart Hosting"

You may need a Secure Connector for smart hosting if:

You use Microsoft 365 or Google and need outbound email encryption for HIPAA compliance.
Your ISP will not allow your mail server to send outbound email, or limits the quantity of email that can be sent.
Your Exchange Server cannot send email directly for your organization.
Your outbound email systems do not support SMTP Authentication.
Your IP address(es) have a poor reputation, resulting in your outbound email being considered spam-like by recipients (Are Cloud Servers Bad for Sending Email?)
You need to hide the IP address of your mail server.
You must ensure all outbound email is Archived, or encrypted.
...the reasons go on and on.

Google Workspace and Microsoft 365

It is simple to configure your Google or Microsoft account to send all outbound email through LuxSci for encryption and delivery. All you need is a LuxSci smart hosting account that has users corresponding to all of your Google or Microsoft 365 users. E.g., if you have 100 users in the domain "mydomain.com" in Google, then you would get a LuxSci account for "mydomain.com" and setup the same 100 users. Once smart hosting is enabled in Microsoft 365 or Google, all of your outbound email will seamlessly flow through LuxSci—no per-user configuration or changes are needed.

Exchange, postfix, and sendmail smart hosting

If you are not using Google or Microsoft, then smart hosting works by:

Identify one of your LuxSci users as a "smart hosting" user
Configure exchange, postfix, sendmail, or whatever email system you use to smart host email by authenticating to LuxSci as this user (i.e. using its username and password).
LuxSci then identifies the actual sending user by the "From" address of the message sent.

Alternately, if your sending program does not support SMTP authentication and you have a dedicated solution, you can use our Custom smart hosting service, where we authenticate your user(s) by the IP address from which your email is being sent.

Large Scale Email Sending

Smart hosting users have the same sending limits as other LuxSci business email users — 300 messages/day/user. If a user hits the 300 mark, his sending is suspended until the next day.

Some customers require higher sending limits. LuxSci sales will work with you to define a plan that meets your specific sending requirements.

Contact LuxSci for more information.

Additional Connector Features

(+) show all descriptions

Feature
SecureLine^TM Outbound Email Encryption
Send encrypted email to anyone with an email address using SecureLine^TM.
Reporting: Messages Sent
Searchable, sortable, and downloadable reports of messages sent.
Reporting: Tracking and Deliverability
Searchable, sortable and downloadable reports with delivery details of every message to every recipient. You see what has been sent, what is still queued and what has been delivered successfully. If a message was not delivered successfully, you will know exactly why. Reports include: The cause of any delay Reason why a message bounced The recipient server's delivery response. Aggregate reports give you overall delivery statistics on a daily and monthly basis.
Reporting: Email Delivery Failure Reports
Tailor and receive automated email alerts (for delivery failures) when and how you choose. At a frequency of your choice For any email address or list of your choice Alert details include: When the message was sent Who sent it and from what address What the subject was The address of the recipient that failed Exactly why the delivery failed These email alerts are HTML for easy reading. They also include a CSV (Excel) file with all of the data for easy analysis. These reports make it easy for you to manage your mailing lists, discover addresses that are spelled wrong, and to remove old and non-working addresses.
Reporting: Email Open Tracking
Reporting: Email URL Click Tracking
Reporting: Email Bounce Tracking
Authentication by username and password
SMTP Services authenticated with a username and password are supported and recommended.
Authentication by IP
SMTP Services authenticated by the connecting IP address and/or the From address in the message are supported for compatibility with systems that do not support username/password authentication (e.g. Google and Microsoft).
FIPS-Recommended TLS Security
Use of your choice of insecure SMTP, SMTP over TLS, and SMTP over SSL. You may optionally choose to lock down your account to enforce the use of SSL or TLS.
Alternate SMTP Ports
Alternate ports for SMTP access, including use of port 80. This helps ensure the sending process even if firewalls or ISP blocking policies exist.
IP Address Masking - Hide Your IP
Hide the IP address of all computers or servers you use to send messages. Blocking your own address helps prevent messages from being blocked by the recipient.
Message Size Limit	200 MB
Messages can be up to 200 MB in encoded size. This includes all attachments.
1000 Recipient per Message Limit
Sent to just one IP address or as many as 1000 recipients per message.
Sending Limit: Users can send up to 300 messages/day
Individual users are restricted to 300 messages per day unless you sign up for a "High Volume" account, which allows you to send as many messages as you purchase.
Sending Limit: Send to many recipients per month as you purchase	(upgrade)
Feedback Loops with Major ISPs
We collect spam reports via agreements with major ISPs. This helps us detect spamming and other issues quickly which helps keep our servers off of block lists. Users and administrators can peruse SPAM complains reports in our web interface. Users and administrators can also have digests of their received SPAM complaints emailed to them automatically. These contain detailed information in attached CSV files so users know about any issues as soon as possible, making opting complaining recipients out of mailing lists quick and easy.
DKIM - Sign outbound messages
[Optional] Configure DKIM for the domains from which you send and receive information. This allows the recipient address to add you to their DNS. This helps them verify your messages and improves deliverability.
VERP - Variable Envelope Return Path
[Optional] Automatic Return Path customization so bounced messages directly indicate failed addresses.
Email Capturing
Direct copies of all sent messages sent to another email address of your choice.
Support for Email Archival
Add Email Archival services.
Recipient Restrictions
Use allow and deny lists to control to whom or to what domains messages can be sent. Send copies of all outbound email messages to an email address of your choice.
Taglines/Disclaimers
Automatically add taglines or disclaimers to all outbound email messages. These can appear in plain text or in HTML format
Email Content Monitoring
Scan all outbound email for specific content (keywords, phrases or regular expressions). Matched messages can be denied, sent to an auditor, or auto-encrypted using SecureLine^TM.
WebMail
WebMail access for sending email messages; includes an integrated calendar and address book.

HIPAA Compliance for Microsoft 365, Google, Exchange

Secure Connector
For Your Existing Email

TRUSTED BY

The Secure Connector

Plans and Pricing

LuxSci SecureLine Email Encryption

Better Security through Isolation

Outbound Email Relaying is called "Smart Hosting"

You may need a Secure Connector for smart hosting if:

Google Workspace and Microsoft 365

Exchange, postfix, and sendmail smart hosting

Large Scale Email Sending

Additional Connector Features

eBook: HIPAA-compliant Email Basics

Safeguarding your healthcare practice and protecting patient privacy

HIPAA Compliance for Microsoft 365, Google, Exchange

Secure ConnectorFor Your Existing Email

TRUSTED BY

The Secure Connector

Plans and Pricing

LuxSci SecureLine Email Encryption

Better Security through Isolation

Outbound Email Relaying is called "Smart Hosting"

You may need a Secure Connector for smart hosting if:

Google Workspace and Microsoft 365

Exchange, postfix, and sendmail smart hosting

Large Scale Email Sending

Additional Connector Features

eBook: HIPAA-compliant Email Basics

Safeguarding your healthcare practice and protecting patient privacy

Secure Connector
For Your Existing Email