Paubox Marketing and CCPA Compliance

Featured image

Share this article

Electric trax train in a city with big buildings in the background


  • A pharmacy startup recently asked about our stance on CCPA compliance as it relates to data deletion requests within Paubox Marketing.
  • The California Consumer Privacy Act (CCPA) is California’s relatively new privacy law that went into effect on 1 January 2020.
  • The CCPA gives consumers more control over the personal information that businesses collect about them.

This post is about CCPA compliance (including data deletion requests) and Paubox Marketing, our HIPAA compliant email marketing solution.

See Related: CCPA: How California’s new privacy law impacts healthcare

See Related: HIPAA Compliant Email: The Definitive Guide

CCPA Compliance and Data Deletion Requests

According to the State of California Department of Justice Office of the Attorney General, CCPA secures the following new privacy rights for California consumers:

  • The right to know about the personal information a business collects about them (including how it’s used and shared)
  • The right to delete personal information collected from them
  • The right to opt-out of the sale of their personal information
  • The right to not being discriminated against for exercising their CCPA rights

As it relates to data deletion requests, consumers may request that businesses delete personal information they collected from them. These businesses are also required to tell their service providers to do the same. In the aforementioned case of the pharmacy startup, the service provider would be us (Paubox).

It should be noted however, there are exceptions that allow businesses to keep consumers’ personal information.

Paubox Marketing and CCPA Compliance

Upon request, Paubox will sign a Data Processing Addendum (DPA) with paid customers.

Section 6 (Data Subject Rights) of the Paubox DPA states:

Customer is responsible for responding to any Data Subject requests relating to Customer Personal Data (“Requests”). If Paubox receives any Requests during the term, Paubox will advise the Data Subject to submit the request directly to Customer or the appropriate Controller. Paubox will provide Customer with self-service functionality or other reasonable assistance to permit Customer to respond to Requests.

In a nutshell, this means Paubox will provide paid customers with the appropriate level of support to help them comply with data deletion requests from their consumers (end users).

Paubox Marketing

Prior to its launch, healthcare providers were stuck with generic messaging because it was impossible to personalize email with patient information without violating HIPAA regulations.

Now you can send your patients personalized messages that include PHI using our HIPAA compliant email marketing service, Paubox Marketing.

  • Grow your business. Send targeted, personalized messages that resonate with your audience.
  • Increase patient engagement. Drive engagement by including PHI in your HIPAA compliant email campaigns to create personalized and relevant messaging.
  • Track results. Access real-time analytics to track marketing campaign performance.
  • Improve patient outcomes. Ensure that patients don’t miss vital treatment by sending email reminders and recommendations for additional services.

Paubox Marketing is HITRUST CSF certified and is free to use for up to 100 contacts.

The free plan also includes a business associate agreement.

Kickstart your HIPAA compliant email marketing with Paubox Marketing
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022