by Ryan Ozawa
Article filed in

Is JangoMail HIPAA Compliant?

by Ryan Ozawa

Is JangoMail HIPAA Compliant? - Paubox

Email marketing is a vital part of any modern business, right up there with having a website. And unlike a website, where customers and potential clients come to you, email marketing is pushed out to your customer base, establishing an important, direct line of communication.

Things are a little more complex for covered entities, however. While there are many email marketing use cases for healthcare, your solution must be HIPAA compliant.

Does JangoMail fit the bill?

What is JangoMail?

Based in Dayton, Ohio, JangoMail is a relatively small web-based email marketing service. It actually started as an internal tool that was built to help its parent company send mass email, but quickly became its own business.

Founded by Ajay Goel in 2002, JangoMail was built to pull information out of databases over the web and then send emails out in one shot. The email marketing platform provides broadcast email, transactional email, and automated email messages.

JangoMail also offers JangoSMTP, a standalone SMTP relay, for those who don’t need design templates or mailing list management features.

Finally, the company offers an extensive API that allows programmatic management of distribution lists, email campaigns, and analytic reports.

Goel sold JangoMail in 2013, and the company is now led by Indian-born American businessman, investor, and philanthropist Vin Gupta. JangoMail and JangoSMTP serve over 200,000 customers on six continents.

What does DjangoMail say about HIPAA?

In its marketing, the company says that “emails sent through the JangoMail API benefit from JangoMail’s deliverability and compliance features.” But there is no explanation as to what those compliance features are, and the only mentions of compliance in JangoMail’s support library relate to basic CAN-SPAM requirements, like providing a way for recipients to unsubscribe.

SEE ALSO: How the CAN-SPAM Act Relates to Healthcare Email Marketing

JangoMail does appear to offer basic encryption via JangoSMTP, such as TLS. However, JangoMail says that “it must be enabled on the client,” which means that encryption is disabled for recipients who can’t receive encrypted email, something that doesn’t happen with Paubox.

Unfortunately, there is no mention of “HIPAA” in JangoMail’s support system, nor any sign of a business associate agreement.

While JangoMail did mention HIPAA in a 2013 press release, the announcement only says that the company could, upon request, “hash the email addresses” in its system as a privacy measure. However, this does not come anywhere near meeting all HIPAA requirements for email.

SEE ALSO: HIPAA Email Encryption Requirements: What You Need to Know

Is DjangoMail HIPAA compliant?

Given the lack of documentation and the relative simplicity of its offerings, DjangoMail does not appear to be a HIPAA compliant email solution.

HIPAA email marketing tools comparison

To meet the unmet need for HIPAA compliant email marketing, we created Paubox Marketing. It is the only solution that will:

  • Sign a BAA
  • Provide military-grade encryption
  • Allow you to include PHI in your marketing emails
  • Allow patients to read your emails directly from their inbox with no extra steps

In addition, Paubox Marketing is HITRUST CSF certified.

Compared to the standard marketing tools, Paubox Marketing is the best option for maintaining HIPAA compliance while harnessing the power of personalized email marketing.

SEE ALSO: Why Paubox Marketing is the Best HIPAA Email Marketing Solution Available

Company Will they sign a BAA? Can you send PHI?
Adobe Campaign NO NO
Blue Orchid Marketing NO NO
Campaign Monitor NO NO
Campaigner NO NO
Drip NO NO
Emma NO NO
GetResponse NO NO
Hubspot NO NO
L-Soft NO NO
Mad Mimi (GoDaddy) NO NO
Mailchimp NO NO
MailerLite NO NO
Marketo (Adobe) NO NO
Salesforce Pardot NO NO
SendGrid (Twilio) NO NO
Sendinblue NO NO
Yesware NO NO
ActiveCampaign YES NO
Braze YES NO
Constant Contact YES NO
Infusionsoft by Keap YES NO
Salesforce Marketing Cloud YES NO
Eloqua (Oracle) YES YES **
Paubox Marketing YES YES

(** To use Oracle Eloqua in a HIPAA compliant manner, recipients receive two emails for every message you send. Patients must also log into a secure message center to view your message—it does not appear in their inboxes. This creates friction and makes it less likely that your patients will read your marketing email.)

Although you might see HIPAA as a roadblock to implementing an email marketing strategy, it doesn’t have to be.

Try Paubox Marketing for free and make your email marketing HIPAA compliant today.
Copy link
Powered by Social Snap