
Our API first approach to HIPAA compliant marketing automation


We've recently covered a variety of tasks that can be achieved via the Paubox Marketing API.

These include:


In a nutshell, the Paubox Marketing API is a growing collection of API endpoints we've exposed to allow customers greater flexibility.

This post will cover our strategy for using an API first approach to provide a solution our customers have been clamoring for: HIPAA compliant marketing automation.


HIPAA Compliant Marketing Automation via Email Triggers

A popular feature request from our customers involves HIPAA compliant email triggers, which are a subset of marketing automation.

Here's a succinct explanation of marketing automation:
"Marketing automation uses software to automate monotonous marketing work."

As such, here are a few examples of HIPAA compliant email triggers our customers have asked for:

  • Automatically send a HIPAA compliant email whenever a patient appointment is coming up.
  • Automate sending of secure email when lab test results are ready.
  • Detect and automatically send an encrypted email for an abandoned cart that potentially contains PHI. Relevant examples here would be online prescription medicine or medical equipment orders.
  • If a secure email bounces, provide a notification (via webhook) so that customers can then send a letter in the mail as follow up.


Customer Feedback and The Paubox Foundations

If you're familiar with our blog, you already know customer feedback is an integral part of the Paubox Foundations, or principles and values we care intensely about. We therefore use customer feedback as our roadmap of what to build and when.

So if we know our customers need HIPAA compliant email triggers and marketing automation, how do we best provide it?


An API first approach to HIPAA compliant marketing automation

We believe an API first approach is the ideal solution to providing our customers with email triggers and HIPAA compliant marketing automation in general. Here's how we're doing it:
  1. We build an API endpoint on the backend
  2. We expose the endpoint to our customers and document it on Developer Docs
  3. We share our progress via blog posts (like this one :-) )
  4. Our frontend team builds the same functionality within our Admin Panel by dogfooding the API endpoints we've already built and published
  5. Rinse and repeat

Paubox Marketing

Prior to the launch of Paubox Marketing, healthcare providers were stuck with generic messaging because it was impossible to personalize email with patient information without violating HIPAA regulations.

Now you can send your patients personalized messages that include PHI using our HIPAA compliant email marketing service, Paubox Marketing.


  • Grow your business. Send targeted, personalized messages that resonate with your audience.
  • Increase patient engagement. Drive engagement by including PHI in your HIPAA compliant email campaigns to create personalized and relevant messaging.
  • Track results. Access real-time analytics to track marketing campaign performance.
  • Improve patient outcomes. Ensure that patients don't miss vital treatment by sending email reminders and recommendations for additional services.


Paubox Marketing is HITRUST CSF certified and is free to use for up to 100 contacts. The free plan also includes a business associate agreement.

