2 min read

Send HIPAA compliant transactional email with Node.js

Picture of Hoala Greevy Hoala Greevy September 29, 2018

Email API

Two men working on laptops at a table in a modern office space

Node.js Module for Paubox Email API

The Paubox Node.js module allows you to construct and send secure, HIPAA compliant messages. This package is the official Node.js module for the Paubox Email API. The Paubox Email API allows your application to send secure, HIPAA compliant email via Paubox and track deliveries and opens.

Installation

Using npm:

$ npm install --save paubox-node

Getting Paubox Email API Credentials

You will need to have a Paubox account. You can sign up here. Once you have an account, follow the instructions on the Rest API dashboard to verify domain ownership and generate API credentials.

Configuring API Credentials

Include your API credentials in your environment file.

$ echo "API_KEY='YOUR_API_KEY'" > .env
$ echo "API_USERNAME='YOUR_ENDPOINT_NAME'" >> .env
$ echo ".env" >> .gitignore

Usage

To send email, prepare a Message object and call the sendMessage method of emailService.

Sending messages

"use strict";
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();

var options = {
  from: 'sender@domain.com',
  to: ['recipient@example.com'],
  subject: 'Testing!',
  text_content: 'Hello World!',
  html_content: '

Hello World!

',
}

var message = pbMail.message(options)

service.sendMessage(message)
  .then(response => {
    console.log("Send Message method Response: " + JSON.stringify(response));
  }).catch(error => {
    console.log("Error in Send Message method: " + JSON.stringify(error));
  });

Allowing non-TLS message delivery

If you want to send non-PHI mail that does not need to be HIPAA-compliant, you can allow the message delivery to take place even if a TLS connection is unavailable. This means the message will not be converted into a secure portal message when a nonTLS connection is encountered. To do this, include allowNonTLS: true in the options, as shown below:

"use strict";
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();

var options = {
  allowNonTLS: true,
  from: 'sender@domain.com',
  to: ['recipient@example.com'],
  subject: 'Testing!',
  text_content: 'Hello World!',
  html_content: '

Hello World!

',
}

var message = pbMail.message(options)

Adding Attachments and Additional Headers

"use strict";
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();

var attachmentContent = Buffer.from('Hello! This is the attachment content!').toString('base64')

var options = {
  from: 'sender@domain.com',
  reply_to: 'reply_to@domain.com',
  to: ['recipient@example.com'],
  bcc: ['recipient2@example.com'],
  subject: 'Testing!',
  text_content: 'Hello World!',
  html_content: '

Hello World!

',
  attachments: [{
    fileName: "HelloWorld.txt",
    contentType: "text/plain",
    content: attachmentContent
  }]
}

var message = pbMail.message(options)

Checking Email Dispositions

The SOURCE_TRACKING_ID of a message is returned in the response of the sendMessage method. To check the status for any email, use its source tracking id and call the getEmailDisposition method of emailService:

"use strict";
require('dotenv').config();
const pbMail = require('paubox-node');
const service = pbMail.emailService();

service.getEmailDisposition("SOURCE_TRACKING_ID")
  .then(function (response) {
      console.log("Get Email Disposition method Response: " + JSON.stringify(response));
  });