What is HIPAA Compliant Email?

HIPAA Compliant Email is a secure and private email system used by Healthcare Professionals to send Patient Health Information (PHI) to other healthcare professionals and patients. HIPAA compliant email requires the use of end-to-end encryption, and best privacy practices to ensure that emails are transmitted through the internet securely. To setup their own HIPAA compliant email, an organization must deal with the complexity of setting up their own email server, along with a high upfront cost, and ongoing expense of managing that server.

Introducing Enterprise Guardian (EnGuard), we built a company from the ground up specializing in HIPAA compliant email. We've helped tens of thousands of customers setup Secure, Business Class Email Hosting. Our service is affordable, easy to setup, and easy to use. If you can use basic email, you can use EnGuard.

HIPAA Compliant Email Requirements


Many people make the costly mistake of thinking they can simply deploy an email encryption solution and they are instantly HIPAA compliant. What they fail to understand is there are other requirements for HIPAA compliant email than just encryption. Let our team of Certified HIPAA Security Experts help protect your business today!

We provide the following:

  1. Access Control. We own our Private Cloud and operate out of (4) Ultra Secure Data Centers in California, Nevada, Texas, and New Jersey. Only Level 3 employees with high level privileges can physically access our servers. All our facilities have state-of-the-art video surveillance, high end security systems, and round-the-clock security personnel. They are basically fortresses.
  2. Privacy Control. We will never collect and monetize user data, ever. We do not outsource our customer service to other countries, you will always connect with a friendly, professional employee here in Southern Calfornia. All our employees are college educated, passed extensive national, federal, and county criminal background checks. They must also pass a rigorous drug screening. Rest assured - your data is in good hands.
  3. Audit Controls. We keep track of everything. Logs of user ID, date, time, sender, recipient, type of encryption, and more are retained for 6 years. This data can be examined by the Department of Health and Human Services anytime during an audit. In an effort to protect our customers from unauthorized access, we also monitor and record all failed login attempts, hacking activity, and password resets.
  4. Integrity Controls. EnGuard has implemented policies and procedures to ensure that PHI is not improperly altered or destroyed. All outgoing emails are digitally signed to ensure their integrity and authenticity, and each message passes through our Data Loss Prevention (DLP) system. We also backup your data, something a lot of companies don't do. There's even a backup of the backup data at a Disaster Recovery site.
  5. Transmission Security. Our technical security measures guard against unauthorized access to PHI as it is transmitted over the internet. We use the strongest encryption available with Transport Layer Security (TLS1.2 and 256-bit AES Encryption. We also provide advanced features such as the ability to send secure attachments with Secure File Link, and password protected encrypted messages via our Secure Messaging System.
  6. Business Associate. We provide every customer with a signed Business Associate Agreement (BAA) outlining the permitted and required uses of protected health information by us. This is the legal document that proves you have HIPAA Compliant Email and ensures that the privacy and security of your email is completely protected and confidential. In a nutshell, we do not access your data outside of support purposes, period.

Your Personal Email Is Not Secure

Switch to HIPAA Compliant Email Today