HIPAA encrypted email without the portals, passcodes or problems

See why Paubox is rated the #1 email encryption and security solution for healthcare


See why over 4,000 healthcare organizations love Paubox


Reduce risk

Guarantee that every email sent is HIPAA compliant, every time, without the risk of human error. HITRUST CSF certified.


Happier patients

Improve patient satisfaction with encrypted emails that can be read directly in their inbox, without the hassle of portals or passcodes.


Simple set up

Set up in minutes with Google Workspace, Microsoft 365 or Microsoft Exchange. No extensive training required.


All-in-one protection

Stop inbound email threats such as phishing attacks, breaches and data loss with extra email security features.



How it works

Emails are sent as usual

Paubox users can write and send emails as they typically do from their desktop or mobile devices

Emails get encrypted

Emails are seamlessly encrypted by Paubox servers with 128/256-bit AES encryption

Protect emails in transit

Emails are protected while on their way to the recipient's inbox with TLS 1.2 security and higher

No TLS 1.2+? No problem!

If the destination inbox can't receive encrypted email, then a secure link is delivered to view the message

Flexible plans and pricing. Start free for 14 days.



For up to 10 users

11+ users just $10/user/mo
Billed annually

For organizations that need no-fuss HIPAA compliant email encryption

  • Default encryption

    Maximize the security of your organization's emails by enforcing TLS secure email for every email sent. No cumbersome portal login required for recipients

  • HITRUST CSF certified

    The leading standard for data security in the healthcare industry. It demonstrates that an organization is using best practices and effectively addressing requirements across many regulatory standards

  • Real-time analytics

    Comprehensive email analytics, mail logs, ruleset access and quarantine

  • Email reporting

    Daily or weekly email reports on usage, analytics, patterns and alerts sent directly to your inbox. These reports make it easy to quickly demonstrate value to upper management

  • Two-factor authentication

    An extra layer of security designed to ensure that you're the only person who can access your account

  • Business associate agreement

    Under HIPAA, organizations that use a service provider to process PHI on their behalf must put in place a business associate agreement with that service provider. Paubox includes BAAs with all accounts

  • Secure contact form

    Add a secure contact form to your website as a Paubox hosted link

  • Secure calendar invites

    Send secure, HIPAA compliant calendar invites directly from Microsoft Outlook and Google Workspace. No plugins or apps to install




For up to 10 users

11+ users just $14/user/mo
Billed annually

For organizations that also need inbound email security protection

  • All features of Standard
  • Virus protection
  • Spam protection
  • Ransomware protection
  • Phishing protection
  • ExecProtect

    Patented secret weapon against display name spoofing attacks, which trick your staff by impersonating colleagues in positions of authority.

  • DomainAge

    Phishing attacks often come from newer email domains. With DomainAge, we do a quick check of the age of the domain and quarantine suspicious emails to prevent it from reaching the recipient's inbox

  • Zero Trust Email

    Our patent-pending technology leverages a proprietary algorithm to add a personalized layer of authentication to filter out suspicious emails, unique to every customer



For up to 10 users

11+ users just $18/user/mo
Billed annually

For organizations with advanced security and workflow automation needs

  • All features in Standard & Plus
  • Email data loss prevention (DLP)

    Data loss prevention for both inbound and outbound email traffic for your organization

  • Email archiving

    Take disaster and compliance recovery to a new level with emails and attachments stored in the Paubox cloud

  • Workflow automation (optional)

    Leverage custom or pre-built workflow automation tools to automate mundane, time-consuming tasks for your staff and improve business efficiency

  • Voicemail transcription (optional)

    HIPAA compliant voicemail transcription for audio email attachments

  • Email data warehouse (optional)

    Transform your users' archived email into a data warehouse




Monthly secured emails


G2 rating


Frequently asked questions

What makes Paubox better than other solutions?

Paubox is designed for ease-of-use, both for senders and recipients alike. Paubox eliminates unnecessary friction while also maintaining compliance. Portal logins, plugins and app downloads are a thing of the past with Paubox.

Which email hosts work with Paubox?

Paubox works with Google Workspace, Microsoft 365, and Microsoft Exchange. Be sure your email host provides a business associate agreement.

Can I keep my email address?

Yes! If you have a business email address that ends in your business domain (like @yourbusiness.com), you can keep it. Paubox integrates with Google Workspace, Microsoft 365 and Microsoft Exchange.

If I have a Google Workspace or Microsoft 365, why do I need Paubox?

Google Workspace and Microsoft 365 both sign business associate agreements but they only cover emails within their server and at-rest. Paubox ensures your emails are secure in transit outside of their servers.

How do my recipients know my email is encrypted?

Every email includes a message in the footer identifying that Paubox secured the email. Additionally, recipients can look at the header and see that each relay was secured with up to 256-bit AES encryption.

What if I don't have a business email address?

If you use a consumer email provider, like @gmail.com or @yahoo.com, then you need a business email in order to be HIPAA compliant. Consumer solutions are not compliant and should not be used.

What happens if the recipient's email system doesn't support TLS encryption?

If a recipient's mail server is not setup to handle TLS encryption, Paubox automatically uploads the email (including attachments) to our secure webapp. In order for the recipient to view your message, it's only one additional click.

Can I use my smartphone with Paubox?

Yes, you can use your smartphone and your favorite email apps. Paubox can also easily be setup on tablets and smartwatches with no proprietary apps or downloads needed.

Are my attachments encrypted?

Yes, all attachments are encrypted. Paubox supports attachments up to 50MB.

Are replies to my emails encrypted?

Yes. By default, replies to your emails are encrypted in transit.

Are there any fees for a business associate agreement?

No. All customers receive a business associate agreement at no additional charge.

What is a user?

A user is defined as one email address such as you@yourcompany.com. Aliases and email groups are not counted.