FAQ - HIPAA Compliant Email

Security & Compliance

How does the security work resulting in HIPAA compliance?

Security and encryption is enforced without compromise for all the email messages sent from MDofficeMail and CryptnSend. An SSL (or TLS) session is initiated before login or password information is exchanged and well before any data is transmitted. Server certificates we use are 100% secure using RSA-powered TLS (Transport Layer Security). Email sent to other than “Safe Recipients” i.e. any account outside MDofficeMail service will be force encrypted and secured by MDVault to maintain compliance with security regulations. Click here for more information. All messages sent using CryptnSend service are encrypted by default.

Whether MDofficeMail / CryptnSend / Faxtone services are available throughout the world?

MDofficeMail / CryptnSend / Faxtone services are specifically meant for US healthcare providers. However MDofficeMail is can be accessed from few other countries in addition to the United States.

For security reasons MDofficeMail / CryptnSend / Faxtone services are not accessable from some geo locations outside the United Staetes. Please contact us for details.

Who is “Safe Recipient”?
  • All the email addresses in your domain.
  • All the email accounts hosted with MDofficeMail. This will be automatically detected.
  • All the email addresses that are certified by the user as “Safe Recipients” and added to “Safe List" in the address book.

All these email addresses are automatically detected by MDofficeMail.

How to determine an outside email address as “Safe Recipient”?

Any HIPAA compliant email server/service user is a “Safe Recipient”.

Who is “Other Recipient”?

All those whose security credentials are unknown are “Other recipients”. We strongly recommend to send secure and encrypted email messages these recipients to maintain security and meet compliance requirements.

What is “Locking" or "Encryption” of out-bound messages?

When a message is sent to “Other Recipient” it is encrypted with industry-standard AES-256 encryption in CBC mode with MD5 hash. This is the same kind of encryption is used by many Banks and Federal agencies around the world to protect their data.

These “Locked Messages” are not delivered to the Inbox of recipient. Instead they are stored in secure server MDVault of MDofficeMail. A notification is sent to the recipient informing a secure, encrypted message has been received.

What is “MDVault” and how does it work?

When a locked (encrypted) message is sent, it is stored in our secure server MDVault and just a notification is sent to the recipient, containing a secure weblink. By clicking this link and entering password recipient can log into our secure server, decrypt, view the message, and download attachments if any. In addition the recipient can send secure reply.

Is there a way to receive secure and plain messages instead of encrypted ones?

Encrypted messages are sent by MDofficeMail for security and compliance. These messages needs to be decrypted with a password to view them. It is very much possible to send plain messages instead of encrypted messages. Please visit hipaa-email-plain-message.html for more information.

Where can I find the Federal HIPAA HITECH legislation?

The HITECH legislation is Title XIII of the 2009 American Recovery and Reinvestment act, and can be found here:

What is your policy about sharing customers email addresses?

We respect your privacy. We never rent, sell or share client details with anyone.

FAQ - Features... click here





MDVault helps to send HIPAA-compliant, encrypted messages to any recipient, for end-to-end protection..







Email archives, Data backup, Calendar, File sharing, Access logs, Audit files, Spam control, Virus protection, Auto migration and..





Customize your email ID, webmail login page, MDVault, and notifications with your practice logo and banner...




Secure Fax

No more fax machines, telephone lines. Subscribe to MDfax to send/receive HIPAA compliant fax from your email or desktop...


HIPAA Compliant Email Free Trial
Free Trial of HIPAA Compliant Email Service
HIPAA Email Encryption Service Free Trial
HIPAA Secure Fax Free Trial
Free Trial