HIPAA Compliant Email Requirements

Many people make the costly mistake of thinking they can simply deploy an email encryption solution and they are instantly HIPAA compliant. What they fail to understand is there are other requirements for HIPAA compliant email than just encryption alone. Let our team of Certified HIPAA Security Experts help protect your business today!

We provide the following:

1. Access Control. We own our Private Cloud and operate out of (4) Ultra Secure Data Centers in California, Nevada, Texas, and New Jersey. Only Level 3 employees with the highest level privileges can physically access our servers. All our facilities have state-of-the-art video surveillance, high end security systems, and round-the-clock security guards. They are basically fortresses.
2. Privacy Control. We will never collect and monetize user data, ever. We do not outsource our customer service to other countries, you will always connect with a friendly, professional employee here in Southern Calfornia. All our employees are college educated, passed extensive national, federal, and county criminal background checks. They also passed a rigorous 10-panel drug screening. Rest assured - your data is in good hands.
3. Audit Controls. We keep track of everything. Logs of user ID, date, time, sender, recipient, type of encryption, and more are retained for 6 years. This data can be examined by the Department of Health and Human Services anytime during an audit. In an effort to protect our customers from unauthorized access, we also monitor and record all failed login attempts, hacking activity, and password resets.
4. Integrity Controls. EnGuard has implemented policies and procedures to ensure that PHI is not improperly altered or destroyed. All outgoing emails are digitally signed to ensure their integrity and authenticity, and each message passes through our Data Loss Prevention (DLP) system. We also backup your data, something a lot of companies don't do. There's even a backup of the backup data at a Disaster Recovery site.
5. Transmission Security. Our technical security measures guard against unauthorized access to PHI as it is transmitted over the internet. We use the strongest encryption available with Transport Layer Security (TLS) 1.2 and 256-bit AES Encryption. We also provide advanced features such as the ability to send secure attachments with Secure File Link, and password protected encrypted messages via our Secure Messaging System.
6. Business Associate. We provide every customer with a signed Business Associate Agreement (BAA) outlining the permitted and required uses of protected health information by us. This is the legal document that proves you have HIPAA Compliant Email and ensures that the privacy and security of your email is completely protected and confidential. In a nutshell, we do not access your data outside of support purposes, period.