- HIPAA Compliance
- Mixed Needs: HIPAA and non-HIPAA users and messages
- Sending, Receiving, and Replying to ePHI
- Outlook Integration & Outlook Encryption
- Compliant Email Marketing & Transactional Email
- White-Labeled Patient Portals
Perhaps you were wondering...?
Can I send HIPAA-compliant email to anyone?
Yes. LuxSci SecureLine enables you to send compliant email to anyone with an email address. Your recipients do not
need to use LuxSci themselves.
Can we use LuxSci secure email without installing any special software or plugins?
Yes. LuxSci's HIPAA-compliant email services do not require you or your recipients to install any special software. LuxSci works with any modern
desktop or mobile web browser, with all modern email programs (such as Outlook and Mac Mail), and with mobile email programs as well.
Can recipients of my secure messages reply back to me?
Yes. Recipients of your secure email messages can reply back to you.
Do I get a trustmark or seal for my web site and email?
Yes. HIPAA customers get a trustmark that looks like this:
In addition to email encryption, HIPAA-compliant email hosting accounts include email access and sending from email programs (e.g. using IMAP, POP,
and SMTP) and from our Web Interface. LuxSci also highly recommends use of our Email Archival,
Premium Email Filtering, and Mobile Secure Chat options.
Can we "Opt In" or "Opt Out" of encryption for some messages?
If some messages do not include ePHI, you can choose to "Opt Out" of using encryption for them — not all of your messages need to be encrypted. LuxSci does not support "Opt In" encryption (where you manually specify which messages need encryption),
as it is too risky for HIPAA compliance.
What if only some users need to send or receive ePHI?
If only some people need to send ePHI, we can segregate your users into two (or more) domains. E.g. "secure.yourdomain.com" and "yourdomain.com"
such that those users setup for and using "secure.yourdomain.com" addresses will be fully compliant and those using regular
"yourdomain.com" addresses can send and receive without any encryption at all (we call the "per-domain HIPAA compliance"). Users can have addresses
at both domains if they have split personalities.
When and where is the email encrypted?
When you send an email message through WebMail, from your mobile device, or from your email program, that message is transmitted securely to
LuxSci's servers using TLS. Once the message arrives,
LuxSci encrypts the message for each of your recipients and then delivers the encrypted message to the recipient's email servers. Based on your account
preferences, who the recipients are, where their email is hosted, and settings in your account, the encryption used can take the form of:
Secure Message Pick Up (Escrow),
PGP, or S/MIME.
Do recipients need to enter a password to open their message(s)?
It depends. Messages sent using SMTP TLS do not require anything special to open them, as they are encrypted only during transmission.
Messages sent using Escrow (Secure Message Pick Up) do require the recipients to authenticate themselves to our secure web site in order
to access their secure messages. This can be done either (a) by using a username/password for a free account to access any received message, or (b)
by providing an answer to a custom question designated by the message sender. See: SecureLine Escrow
and SMTP TLS.
Does it integrate with Outlook, Mac Mail, Thunderbird, etc?
Yes, you can use any of these standard email programs with LuxSci HIPAA compliant email. You can even use the encryption "opt out" features from
these email programs.
Does it integrate with an iPhone, Android, Blackberry, etc?
Yes, you can use any of these devices with LuxSci HIPAA compliant email. You can even use the encryption "opt out" features from
these email programs and Exchange ActiveSync for real-time, compliant synchronization of email, calendars, tasks, contacts, and notes.
LuxSci does not provide a dedicated mobile App, as secure email integrates with any mobile email App that supports IMAP, POP, SMTP, or ActiveSync.
Can I use this with my existing email domain?
Yes, you can move your email hosting to LuxSci so that you can use your existing domain. You can also
smarthost your outbound email from your existing email server to use LuxSci's outbound
email encryption or use a subdomain (e.g. "secure.yourdomain.com") so that only your secure email is hosted by LuxSci. There
are lots of possibilities.
LuxSci delivers rock solid reliability, outstanding customer support,
extensive feature sets, comprehensive security controls, a powerful rules
engine, and flexible frameworks. All at a very reasonable price."
Practice Administrator, Pediatric Gastroenterology and Nutrition Group, P.C.
"As a dentist, I'm glad I found LuxSci to walk me through the process of becoming HIPAA-compliant! Once I signed up, Connie and Peter both helped me setup get situated with my secure email service. Getting my Business Associate Agreement also a snap. Thank you LuxSci. Now I can concentrate on treating patients!"