HIPAA Compliant Email

Securely protect patient information and your practice

As low as $11.99 / month*

Home » Microsoft 365 from GoDaddy » HIPAA Compliant Email

HIPAA compliant email that covers all your bases

Legal compliance

As a legal requirement, HIPAA compliance requires covered entities, such as medical practices, to obtain written assurances that their business will safeguard Protected Health Information (PHI).

Secure patient data

Microsoft has safeguards in place that are required by HIPAA for various Microsoft 365 services in order to securely protect patient information and meet the requirements for compliance.

Simple setup and use

Setting up your HIPAA compliant email is simple and quick. Using your email is the same as using Outlook with Microsoft 365 email. Plus, experts knowledgeable in HIPAA compliance are always available to help.

Setting up your HIPAA compliant email

As a healthcare provider, medical practice, or insurance provider, you know that HIPAA compliance is required for all email your communications. Here’s how simple it is to set up for your practice or organization with Microsoft 365 from GoDaddy.

  1. Purchase the Microsoft 365 Business Professional plan.
  2. Activate your email address with your domain name.
  3. Visit the HIPAA compliance set up page to agree to the Microsoft 365 Business Associate Agreement.
  4. Enter your contact information.
  5. Submit and done.
steps to make email HIPPA compliant

Get HIPAA compliant email for your practice

microsoft outlook email

Microsoft 365 Business Professional


per month
hipaa compliant email microsoft 365

Included with Microsoft 365 Business Professional

  • 50 GB of email storage per email address
  • 1 TB of secure online storage for files and documents
  • Access to the latest Microsoft Office apps that can be installed on up to 5 PC or Mac computers per user
  • Access to the Outlook web app
  • Microsoft Office mobile apps for your smartphone and tablet
  • World-class data security and spam filtering
  • 24/7 support from award-winning email experts
  • A 30-day money-back guarantee
  • A guaranteed uptime of 99.9%
microsoft 365 godaddy
how to make email HIPAA compliant

Frequently asked questions

HIPAA, or The Health Insurance Portability and Accountability Act of 1996, is a federal U.S. healthcare law that sets the national standards and requirements needed to protect sensitive patient personal health information from being disclosed without knowledge or consent.

These requirements set the standards for the use and disclosure of sensitive patient health information. They also strictly safeguard personally identifiable information by companies within the healthcare and health insurance industries.

The HIPAA Privacy Rule and HIPAA Security Rule requires Covered Entities, such as medical practices, to obtain written assurances that their business and/or associates will safeguard electronic Protected Health Information (PHI) appropriately. If a medical practice, hospital, or other healthcare related business does not comply with the privacy rule, the result may be civil and/or criminal penalties.

Simply put, HIPAA compliant email is an email solution that adheres to The HIPAA Privacy Rule and HIPAA Security Rule requirements by using end-to-end encryption in all email communications in order to safeguard and protect personal health information (PHI) that is electronically transmitted.

Microsoft has safeguards in place that are required by HIPAA for various Microsoft 365 services. These safeguards are in place for many of their services including Office Online, Exchange Online, as well as SharePoint Online and OneDrive for Business. View more on Microsoft and HIPAA and the HITECH Act.

With Microsoft 365 Business Professional, users have access to an optional privacy and security contractual supplement called a HIPAA business associate agreement (BAA). This assists Microsoft 365 customers the meet requirements for HIPAA compliant email.

With Microsoft 365, making your email HIPAA compliant is a simple process that takes no more than several minutes.

Here’s how to do it.

  1. Sign up for the Microsoft 365 Business Professional email plan. This allows for the use of HIPAA compliant email as an add-on.
  2. After your email account has been activated, you will next need to set up your HIPAA compliant email.
  3. Electronically sign the Microsoft 365 HIPAA Business Associate Agreement (BAA). This ensures that all the emails set up for your organization under your subscription are automatically HIPAA compliant.

Note: If you have multiple employees and staff email accounts on the same Microsoft 365 Business Professional email plan, there is no need for those email accounts to have separate Business Professional subscriptions for their email accounts to be HIPAA compliant.

For more detailed step-by-step instructions, see our article: How to make your email HIPAA compliant.

  1. When logged into your Microsoft 365 account and in your Email & Office dashboard, click on the menu icon in the top left and select Add-Ins from the drop down that displays.
  2. After selecting Add-Ins, you will be shown different Add-In options to choose from.
  3. Locate the HIPAA compliant email Add-In option. Next to HIPAA compliant email, choose Get started.
  4. After selecting Get Started, you will then be presented with a checkbox that states, I agree to the Microsoft 365 HIPAA Business Associate Agreement where you can view and read the agreement form for your account.

Help available when you need it.

Expert support is available 24/7 to answer your questions at any time.

Call anytime. (480) 624-2500
customer support

*Price excludes applicable taxes and ICANN fees.

**As a Covered Entity, it is solely your legal obligation to ensure that your HIPAA-compliant email solution is configured correctly, and that you and your staff are trained to ensure that your email is deployed and used in a manner that meets HIPAA compliance for your operations. A HIPAA compliant email service alone will not satisfy all HIPAA requirements necessary for your compliance. For this reason, it is strongly suggested that you contact your own legal counsel for any guidance needed.