In 2025, healthcare organizations reported 772 large data breaches to the Department of Health and Human Services Office for Civil Rights, exposing the protected health information of nearly 140 million people. Email isn't the cause of every one of those incidents, but it's one of the easiest ways for protected health information (PHI) to end up somewhere it shouldn't.

Standard Gmail or Outlook accounts aren't built to handle PHI. They lack the encryption, access controls, and signed agreements that HIPAA requires, and sending PHI through an unprotected inbox puts a practice at risk of a serious violation.

To be HIPAA compliant, an email tool needs a signed Business Associate Agreement (the legal contract that holds a vendor accountable for protecting PHI), encryption strong enough to keep messages unreadable in transit, and some level of access control over who can see what.

Beyond that baseline, the details vary widely. Some tools encrypt everything automatically. Others require a sender to remember to turn it on. We won't dig into every technical requirement here since each vendor documents its own approach to compliance. We've linked to that documentation for each tool below.

What matters most is which tool fits your situation. A solo therapist managing client email on a tight budget needs something different from a multi-location practice sending thousands of automated reminders a month. 

Below are seven HIPAA-compliant email providers that cover that range, along with the kind of practice each one tends to fit best.

PlatformSummaryStarting Price for HIPAA-Compliant Plans

Help Scout

Best for healthcare teams managing high email volumes across departments, Help Scout makes it easy to collaborate on responses and keep PHI-related conversations siloed by inbox.

Included in the Pro plan at $75/user per month or available as an add-on to the Plus plan

Paubox

Best for practices that want compliant email with zero extra steps, Paubox automatically encrypts every outbound message and delivers it straight to the recipient's inbox — no portal or passcode required.

Starting at $32/month for up to five senders

Virtru

Best for practices that want control over PHI after it's sent, Virtru layers encryption onto Gmail and Outlook and lets staff revoke access, set expiration dates, or block forwarding on emails after they've gone out.

Starting at $119/month for up to five users

MailHippo

Best for small practices on a tight budget, MailHippo secures messages through a web portal rather than direct inbox delivery and offers message recall and expiration on paid plans.

Free for up to 1,000 messages a month; paid plans start at $4.95/user per month

Hushmail

Best for solo providers and small practices, Hushmail combines encrypted email with secure web forms, e-signatures, and an automatic archive, plus hands-on setup support.

Starting at $11/month for one user

LuxSci

Best for healthcare organizations sending high volumes of email, LuxSci automatically applies the strongest available encryption per recipient and integrates with EHRs and CRMs to trigger PHI-personalized email at scale.

Starting at $99/month for up to 9,999 email sends

athenahealth

Best for organizations that want messaging built into a full EHR, athenahealth ties secure patient messages directly to the chart.

Contact for pricing

1. Help Scout – Best for healthcare teams managing high email volumes across departments

Healthcare — Inline Image — Inbox

Help Scout is a shared inbox that's designed to bring order to high-volume email without patients feeling like they're in a ticketing queue. It’s a great step for healthcare organizations that have outgrown Gmail and Outlook and need structure around who owns a conversation, how fast it’s answered, and where PHI is allowed to live.

For medical practices, Help Scout provides the accountability and structure you need on the backend while patients feel that personal human touch in your replies. You can create multiple inboxes for different functions — intake, records, clinical support, billing, insurance, credentialing, etc. — ensuring at least one inbox is for emails that include PHI.

And while you can create separate inboxes for different functions, you don’t have to. Use a single email address like hello@ or info@ to send all emails to one place, then create teams for different departments and workflows that scan incoming messages for keywords and automatically route them to the right team.

Roles and permissions control who can see what, and custom properties allow you to capture and store data like date of birth, clinic ID, and referral source. You'll see general patient data and any custom properties in a sidebar alongside every conversation so anyone who opens the email has the context they need to reply immediately.

Additionally, Help Scout is designed to stop the small breakdowns that happen in the day-to-day of a regular inbox. Collision detection prevents two team members from replying to the same patient at once, saved replies let you answer FAQs in two clicks, and custom views let your team filter their inboxes to see only the emails that they're responsible for.

After a conversation is closed, you can send a customer satisfaction survey to the patient immediately. Then, you can view satisfaction scores overall, by team, and by individual in reports, which also give you details on things like trends in email volumes, busiest times of the day and days of the week, and average reply and resolution times.

Learn more about HIPAA compliance in Help Scout.

Pricing

Free trial available. View Help Scout's current pricing.

2. Paubox – Best for encrypting email sent through your existing provider

Product Screenshot: Paubox

Paubox is a HIPAA-compliant email encryption service that layers onto Google Workspace, Microsoft 365, or Microsoft Exchange. It encrypts every outbound email automatically by default and delivers it straight into the recipient's inbox with no portal login or passcode required to read it.

The core feature is automatic, blanket TLS encryption applied to every outbound email with no action required from the sender. If a recipient's mail server doesn't support TLS, Paubox uploads the message to a secure web app instead of failing to send it. Instead of the message, the recipient gets an email prompting them to click through and view it.

Every plan includes a signed Business Associate Agreement along with HIPAA-compliant forms for collecting patient intake information and signatures. Higher tiers add inbound protection against phishing, malware, and business email compromise, plus archiving and data loss prevention for practices that need to retain and search email for compliance audits.

Learn about HIPAA compliance in Paubox.

Pricing

Free trial available. View Paubox's current pricing.

3. Virtru – Best for practices that want control over PHI after it's sent

Product Screenshot: Virtru

Virtru is a data protection platform that layers encryption onto Gmail and Outlook through a plugin, much like Paubox but with a different priority. Where Paubox focuses on getting compliant email out the door with as little friction as possible, Virtru focuses on what happens to that email after it leaves the practice's hands.

The core feature is persistent control over a message even after it's been delivered. Senders can set an expiration date on an email that revokes access entirely after the date is met, and they can block a recipient from forwarding or downloading it. All of this can be done after the send, so if an email goes to the wrong patient or the wrong inbox by accident, staff can pull access back instead of hoping the recipient deletes it.

While Paubox is set up at the domain level, Virtru is an email extension that needs to be installed on every desktop individually, so the setup is a bit more cumbersome and not as foolproof. Recipients without a Virtru-enabled email may need to view a message through a secure reader rather than directly in their inbox, depending on how it's sent. 

In exchange, practices get a higher level of oversight. A centralized dashboard shows who has accessed a given message and when, plus data loss prevention rules that can flag or block sensitive content before it goes out.

Virtru also extends beyond email. Secure Share allows encrypted file transfers for larger documents, like imaging files or full patient records, and the broader Data Protection Gateway can apply the same controls to data moving in and out of other connected applications.

Learn about HIPAA compliance in Virtru.

Pricing

No free trial offered. View Virtru's current pricing.

4. MailHippo – Best for small practices on a tight budget

Product Screenshot: MailHippo

MailHippo is a HIPAA-compliant secure messaging platform. Instead of encrypting a message and dropping it directly into the recipient's inbox, MailHippo sends a notification that a secure message is waiting, and the recipient clicks through to a web portal to read and reply.

The core offering is straightforward: 256-bit AES encryption for messages and attachments, both in transit and at rest, with every plan including a signed BAA. MailHippo also offers SendSafe, a personal secure link (yourname@sendsafe.to) that lets anyone send a HIPAA-compliant message to a practice without needing their own compliant email account.

Pricing scales by message volume and storage rather than by user seat, with plans ranging from 1,000 messages a month on the free tier up to 10,000 messages and 100 MB attachments on the Pro plan.

Where MailHippo falls short of a tool like Paubox is on the administrative side. There's no role-based permission structure for managing larger teams and no centralized dashboard for overseeing activity across multiple users, which makes it a better fit for solo providers or very small practices than larger, multi-department organizations.

Learn about HIPAA compliance in MailHippo.

Pricing

Free plan and trial available. View MailHippo's current pricing.

5. Hushmail – Best for email messaging and forms

Product Screenshot: Hushmail

Hushmail is a secure email service built for small healthcare practices, with a particular focus on solo and group behavioral health providers. Email between two Hushmail users encrypts automatically. For everyone else, the sender turns on encryption the first time they message that recipient, and a message goes to a secure web portal that can be unlocked with a password.

Beyond email, Hushmail includes web forms and e-signatures for intake paperwork, consent forms, and self-assessments, including prebuilt templates. Submitted forms generate a PDF that can be uploaded directly into an EHR, which makes Hushmail useful as a supplement to a practice's existing systems rather than a replacement for them. 

Additionally, a built-in archive automatically retains a record of all emails sent and received across the domain, which helps practices stay audit-ready without setting up separate archiving.

For practices that don't have IT support on hand, Hushmail's team will set up a custom domain email address, build out intake and contact forms, and walk through getting started, which matters for solo providers without time to configure a new system on their own.

Learn about HIPAA compliance in Hushmail.

Pricing

Free trial available. View Hushmail's current pricing.

6. LuxSci – Best for sending high volumes of email

Product Screenshot: LuxSci

LuxSci is built for organizations that need to send PHI-containing email at scale rather than just one-to-one communications. It handles things like appointment reminders, lab result notifications, or care coordination updates sent to large numbers of patients, using PHI to personalize each message. 

LuxSci's SecureLine technology automatically picks the strongest available encryption method for each recipient without the sender having to choose.

The core differentiator from a tool like Paubox or Virtru is volume and integration. LuxSci connects via API to EHRs, CRMs, and revenue cycle management systems, so emails can trigger automatically based on events in those systems rather than being sent manually. A LuxSci Secure Marketing add-on extends that into segmented patient outreach campaigns, like care gap reminders or enrollment notices.

LuxSci also offers comprehensive audit logging and engagement reporting, tracking message-level delivery and open status, which larger compliance teams need for periodic review. 

That depth comes with more setup complexity than a tool built for a single practice with a handful of senders, which is why LuxSci tends to fit organizations like regional health systems, health plans, or multi-site provider groups rather than a solo practitioner.

Learn about HIPAA compliance in LuxSci.

Pricing

No free trial offered. View LuxSci's current pricing.

7. athenahealth – Best for organizations that want messaging built into a full EHR

Product Screenshot: athenahealth

Practice management platform athenahealth is a cloud-based EHR that handles secure patient messaging. When a provider sends a message, the patient gets an email notification that a message is waiting, but the email itself doesn't carry any PHI. The patient logs into the patient portal to read the message and reply, and the exchange is automatically tied to their chart.

Because messaging lives inside the EHR rather than a separate inbox, every conversation, reminder, and reply is logged against the patient record. Staff can delegate routine outreach, like appointment confirmations or post-visit follow-ups, to administrative team members, and athenahealth can run some of that messaging at scale on a practice's behalf. 

The tradeoff is that patients have to be enrolled in the portal to receive anything beyond a generic notification, which is a higher bar than opening a normal email.

The messaging platform, athenaCommunicator, is priced as an add-on to athenaOne rather than bundled in, so it makes the most sense for practices that already use athenahealth as their EHR or are looking for an EHR that includes patient messaging.

Learn about HIPAA compliance in athenahealth.

Pricing

No free trial offered. Contact athenahealth for pricing.

Finding the best HIPAA-compliant email provider for your needs

There's no single best tool on this list, because the right choice depends on what your practice actually needs day to day. 

A team drowning in departmental email traffic needs structure more than encryption. A solo provider mainly needs PHI to stop landing in a regular inbox without a lot of setup. A larger organization sending high volumes of automated, personalized email needs infrastructure.

Whatever you land on, the work doesn't stop at picking software. A signed BAA and the right encryption settings only solve part of the problem. Staff still need to understand what counts as PHI, when to use the secure channel instead of a regular one, and what to do if something goes to the wrong address. 

The tool makes HIPAA-compliant emails possible, but the people using it make it happen in practice.

Like what you see? Share with a friend.
Anne-Marie Traas
Anne-Marie Traas

Anne-Marie is a Fractional Head of Customer Success focused on providing an optimal customer experience in every interaction. She specializes in driving process and product improvements, creating thorough and easy-to-understand product documentation, and teaching others how to communicate more effectively through the written word. You can find her on her website.