by Chloe Bowen Chief of Staff
Article filed in

How to get businesses to accept HIPAA compliant email from you

by Chloe Bowen Chief of Staff

How to Get Businesses to Accept HIPAA Compliant Email From You - Paubox

Recently, during one of our Paubox webinars, an attendee asked these questions:


The fax machine issue is two sided; how do we get the receivers (mostly insurance companies or case management/utilization review companies contracted by insurance) to accept documents by email?

Also, if the data is quite large and the email is too large, what is the best solution and does Paubox provide it?


These are both great questions, so we’ll answer them here in this post.

Kill the fax

Here at Paubox, we’ve written extensively about the history of the fax machine, why they are terrible for the healthcare industry, and why covered entities should stop sending PHI over the fax.  We’ve also discussed fax machines in our podcast, and even wrote a whitepaper about why healthcare providers shouldn’t use them.

As you can see, we are not big fans of this outdated technology.

Kill the portal

We’re also not fans of the passwords and portals that most providers require in order to send encrypted email.

Not only do portals make it less likely for recipients to read your messages, but with most portal-based encrypted email products, only the message in the portal is guaranteed to be secure—not the email alerting the patient that he or she has a message waiting to be read.

In contrast, with Paubox Email Suite, HIPAA compliant emails arrive directly to your recipient’s inbox, no password or portal required. 

In addition, Paubox encrypts every email you send from your regular email platform (like Google Workspace or Microsoft 365) is encrypted by default. There is no need to change your workflow or put anything special in the email title to trigger encryption.  

This eliminates the possibility of human error, which can lead people to send protected health information (PHI) in plain text, making it susceptible to hacking.

Getting businesses to accept your HIPAA compliant emails

So back to the question at hand.  Since as a Paubox customer your emails are encrypted by default, you don’t have to worry about transmitting PHI over the Internet.  But how do you get your business associates, such as insurance or case management companies, to accept email from you?

We’ve discussed this very question with some of our customers.  In their experience, the reason business associates don’t want to receive electronic PHI (ePHI) via email from healthcare providers is not so much because they are worried about HIPAA, but instead, they just don’t want to deal with the hassle of logging into a portal, inputting a one-time passcode and all the rigamarole that comes along with using other encrypted email providers.

Good news: Since Paubox doesn’t rely on security theater to guarantee email encryption, your recipients don’t have to worry about any of that.

Sending attachments with Paubox

The second part of this question is about email attachments.  Just like with sending email, sending attachments is no more complicated with Paubox than without it.  You simply attach a file to the email and hit send as usual.

The file size limit for Paubox Email Suite is 50 MB, which is large enough for most attachments.  Gmail for example has a file size limit of 50 MB as well.

If your file is larger than 50 MB, you can optimize it by compressing or zipping the file before sending it.  Smaller files are better for your email recipients anyway because large files can take a long time to download.

Try Paubox Email Suite for FREE today.