At our May 2026 Zoom social mixer, the conversation focused on new Paubox product releases, cybersecurity challenges in healthcare, and the growing complexity of managing AI and personal devices in clinical environments.
What happened:
The May social mixer was an unmoderated discussion among healthcare IT professionals and marketers. We covered new self-service mail archive exports, a simplified user roles and permissions system, the new Paubox Forms API, AI governance and shadow AI risks, password security best practices, MDM for personal devices, and upcoming HIPAA rule changes.
Go deeper: Collect patient data securely with Paubox Forms
Our takeaways:
-
Paubox's self-service mail archive export feature is now live for premium users, allowing searches by mailbox, date range, or keyword with exports delivered in MBOX format and retained for 45 days.
-
Archived emails persist regardless of whether a user deletes them from their inbox — a useful point for compliance and legal hold conversations.
-
The updated user roles and permissions system simplifies the dashboard to two roles, Admin and User, with granular feature-level controls.
-
The Paubox Forms API is now available, enabling developers to fully customize forms and embed them natively into websites rather than linking out to a hosted form.
-
End users remain the weakest security link, particularly around unauthorized AI tool usage.
-
Several attendees noted that building AI functionality directly into existing tools like CRMs is an effective way to reduce shadow AI adoption.
-
BAA coverage gaps for AI tools are a real concern. One attendee confirmed that while their company has a BAA with Claude covering chat and code, Office and Google Workspace connectors are explicitly excluded.
-
On passwords, updated NIST guidance favors length over complexity: four random words (a passphrase) outperform short strings of special characters. HIPAA has not yet aligned with this guidance, but new 2026 rules will require MFA for all apps.
-
Encrypted email will become mandatory under upcoming HIPAA updates rather than merely "addressable," something Paubox customers are already covered for.
-
For MDM on personal devices, minimal settings like passcode enforcement, notification blocking, and remote wipe, proved most effective for employee adoption.
The bottom line: Customers count on Paubox to help keep their emails HIPAA compliant and save time managing inbound email security challenges.
See also: Our playbook for Zoom social mixers
See also: HIPAA Compliant Email: The Definitive Guide
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
Dean Levitt
