be Smart.
be Secure.
Phone: 800-441-6612
How it Works
Learn More


LuxSci Email Security

HIPAA-compliant Email

Business & Enterprise. Great Support. BAA.
Ideal for:
- Sending, Receiving, & Replying to ePHI
- Having Both HIPAA & Non-HIPAA Users & Emails
- Outlook Integration & Outlook Encryption
- Compliant Email Marketing & Transactional Email
- White-Labeled Patient Portals

You may also like HIPAA-compliant:

Web & PDF Forms

Web Hosting


Email Marketing

HIPAA-compliant Email Basics
Safeguarding Your Healthcare Practice and Protecting Patient Privacy
Book 1 in the LuxSci Internet Security Series.
Created by Erik Kangas, PhD

HIPAA-compliant Email

It's unfortunate that hackers can exploit online communication on a hunt for sensitive information. However, with advanced cybersecurity, you can protect your private email information from hacking vulnerabilities. At LuxSci, we specialize in email encryption to ensure communication security. Not only are our email services encrypted, but they're also HIPAA- (Health Insurance Portability and Accountability Act) compliant for those of you in the medical and healthcare fields. Medical records hold some of your and your patients' most sensitive information: Social Security numbers, insurance IDs, addresses, credit cards, medical records and scheduling, and more. LuxSci provides the leading software in HIPAA-compliant email, which guarantees the privacy of all ePHI (electronic patient health information) sent within your organization, as well as to patients and other appropriate, outside recipients. HIPAA makes it your legal responsibility to secure your patients' ePHI, and it's our responsibility to provide those securing services.

Complying with HIPAA can overwhelm and confuse when you're trying to find a user-friendly platform. LuxSci is here to make this easy for you. We provide HIPAA-compliant email with form and Web abilities, as well as HIPAA-compliant email hosting services. We also help back up your data and offer extensive auditing. Most important, we offer forced encryption that always comes with a verified seal that links to us and allows your recipients to know you properly protected their information.

Perhaps you were wondering...?

Can I send HIPAA-compliant email to anyone?
Yes. LuxSci SecureLine enables you to send compliant email to anyone with an email address. Your recipients do not need to use LuxSci themselves.
Can we use LuxSci secure email without installing any special software or plugins?
Yes. LuxSci's HIPAA-compliant email services do not require you or your recipients to install any special software. LuxSci works with any modern desktop or mobile Web browser, with all modern email programs (such as Outlook and Mac Mail), and with mobile email programs as well.
Can recipients of my secure messages reply to me?
Yes. Recipients of your secure email messages can reply to you.
Do I get a trustmark or seal for my website and email?
Yes. HIPAA customers get a trustmark that looks like this:

LuxSci helps ensure HIPAA-Compliance for email and web services.
Other questions? Call Sales
What features are included?
In addition to email encryption, HIPAA-compliant email hosting accounts include email access and sending from email programs (e.g. using IMAP, POP, and SMTP) and from our Web interface. LuxSci also highly recommends use of our Email Archival, Premium Email Filtering, and Mobile Secure Chat.
Can we opt in or opt out of encryption for some messages?
If some messages do not include ePHI, you can choose to opt out of using encryption for them. LuxSci does not support opt-in encryption (where you manually specify which messages need encryption), because it's too risky for HIPAA compliance.
What if only some users need to send or receive ePHI?
If only some people need to send ePHI, we can segregate your users into two (or more) domains. For example, users who must be fully compliant can have addresses in "" Users who do not need HIPAA-compliant email can have addresses in "" and can send and receive without any encryption at all. (We call this per-domain HIPAA compliance.) Users can have addresses in both domains, if needed.
When and where is the email encrypted?
When you send an email message through WebMail, from either your mobile device or your email program, that message transmits securely to LuxSci's servers using TLS. Once the message arrives, LuxSci encrypts the message for each of your recipients and then delivers the encrypted message to the recipient's email servers. Based on your account preferences, who the recipients are, where their email host is, and settings in your account, the encryption used can take the form of: SMTP TLS, Secure Message Pick Up (Escrow), PGP, or S/MIME.
Is email encrypted at rest?
Yes, it can be. It depends on your choice of account settings. See Ensuring all data is encrypted at rest with LuxSci.
Do recipients need to enter a password to open their message(s)?
It depends. Messages sent using SMTP TLS do not require anything special to open them since they're encrypted only during transmission. Messages sent using Escrow (Secure Message Pick Up) do require the recipients to authenticate themselves to our secure web site in order to access their secure messages. You can do this either (a) by using a username/password for a free account to access any received message, or (b) by providing an answer to a custom question designated by the message sender. See: SecureLine Escrow and SMTP TLS.
Does LuxSci email integrate with Outlook, Mac Mail, Thunderbird, etc?
Yes, you can use any of these standard email programs with LuxSci HIPAA compliant email. You can even use the encryption opt-out features from these email programs.
Does LuxSci email integrate with an iPhone, Android, Blackberry, etc?
Yes, you can use any of these devices with LuxSci HIPAA compliant email. You can even use the encryption opt-out features from these email programs and Exchange ActiveSync for real-time, compliant synchronization of email, calendars, tasks, contacts, and notes. LuxSci does not provide a dedicated mobile app since secure email integrates with any mobile email spp that supports IMAP, POP, SMTP, or ActiveSync.
Can I use LuxSci email with my existing email domain?
Yes, you can move your email hosting to LuxSci so that you can use your existing domain. You can smarthost your outbound email from your existing email server to use LuxSci's outbound email encryption or use a subdomain (for instance "") so that only LuxSci hosts your secure email. There are lots of possibilities.
Other questions? Call Sales

Got it all figured out?

Monthly accounts start at $12

We provide a Business Associate Agreement for you to sign
We do not accept customized BAAs

Account term is month-to-month; 30-day refund policy.

...any questions?

LuxSci delivers rock solid reliability, outstanding customer support, extensive feature sets, comprehensive security controls, a powerful rules engine, and flexible frameworks. All at a very reasonable price."
Adam Goode
Practice Administrator, Pediatric Gastroenterology and Nutrition Group, P.C.
McAfee Secure TRUSTe Privacy Certification Thawte Extended Validation SSL Certificate Refund Policy
Starting at $12/mo
Sign Up
Special Offer
Free HIPAA Setup Fee with 10+ email licenses

"As a dentist, I'm glad I found LuxSci to walk me through the process of becoming HIPAA-compliant! Once I signed up, Connie and Peter both helped me setup get situated with my secure email service. Getting my Business Associate Agreement also a snap. Thank you LuxSci. Now I can concentrate on treating patients!"

—Allen Job, All Smiles Pediatric Destistry

TRUSTe Privacy Certification Refund Policy Thawte Extended Validation SSL Certificate
McAfee Secure TRUSTe Privacy Certification Thawte Extended Validation SSL Certificate Refund Policy
• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries