We understand the importance of choosing the right email hosting for your business. In this article, we’ll answer the question: Is GoDaddy email HIPAA compliant? We’ll explain the different steps needed to make GoDaddy email HIPAA compliant, and how to make sure your organization is following the necessary steps to stay compliant.

What is the Question?

Is GoDaddy email HIPAA compliant?

What is HIPAA?

HIPAA stands for the Health Insurance Portability and Accountability Act of 1996. HIPAA helps protect the privacy and security of protected health information (PHI) and sets standards for how PHI is used, stored and shared. By law, organizations that handle PHI must have policies and procedures in place that meet certain security and privacy standards.

Does GoDaddy Offer HIPAA Compliance?

No. By offering a BAA, GoDaddy and Microsoft help support your HIPAA compliance, but using this service doesn’t achieve compliance on its own. Your organization must take additional steps to ensure it meets all HIPAA requirements. These steps include:

  • Set up HIPAA compliant email
  • Sign in to your Email & Office Dashboard (use your GoDaddy username and password)
  • Select Add-Ons in the upper-left corner
  • Next select the HIPAA Compliance add-on
  • Follow the instructions to complete the setup process

GoDaddy has stated that the Microsoft 365 email service it sells and supports is HIPAA compliant. GoDaddy provides a variety of services that can help you meet the requirements of HIPAA.

Can I Use GoDaddy for HIPAA Compliant Email?

As we’ve previously written, it is possible for a covered entity to use GoDaddy for HIPAA compliant email. Indeed, the only business associate agreement (BAA) GoDaddy offers is for Microsoft 365. This agreement is what you need to sign in order to make sure that your organization is compliant.

How Can I Make My GoDaddy Email HIPAA Compliant?

Out of the box, GoDaddy email is not HIPAA compliant, but it can easily be made compliant with a few tweaks. The easiest way to make your email HIPAA compliant is to sign up for the HIPAA compliance add-on offered through the GoDaddy Email & Office 365 Dashboard. This add-on provides encryption and additional security features to help you meet HIPAA’s requirements.


The short answer is yes: GoDaddy hosts HIPAA compliant websites. However, we recommend that you contact GoDaddy to confirm that their services meet your organization’s particular compliance needs. For more information on hosting, security, and compliance, be sure to check out HostsRated.com.

What steps do I need to take to ensure my GoDaddy email meets HIPAA standards?

1. Log in to your Email & Office Dashboard with your GoDaddy username and password.
2. Click the Add-Ons button in the upper-left corner.
3. Click the “Get started” button next to the HIPAA compliant email option.
4. Check the box indicating that you agree to the Microsoft 365 HIPAA Business Associate Agreement.
5. Press the “Sign up” button.

What are the indicators that an email is HIPAA compliant?

Emails containing PHI must be safeguarded with a third-party encryption program or with secure algorithms such as 3DES or AES. If the PHI is located within the body of the message, then the entire message must be encrypted. However, if the PHI is part of an attachment, then only the attachment needs to be encrypted.

Is GoDaddy email secure?

Nearly all cyber threats come through email attachments, and small businesses are especially vulnerable. GoDaddy offers Advanced Email Security for just $4.99 per month, which safeguards all your emails from data and safety risks.

Which email service does GoDaddy utilize?

GoDaddy’s Microsoft 365 plans come with the assurance that your emails will be reliably up and running, and our renowned service team is ready to help you any time you need.