Email Encryption

Email Encryption is secure, fast and easy to use.

AppRiver's Email Encryption gives you true mailbox-to-mailbox security keeping confidential information safe while helping your business remain compliant.

Why Email Encryption?

AppRiver CPP OWA

  • Office 365 compatible
  • One-click encryption right from your mailbox
  • Provides delivery slip and registered mail options
  • Enables large file attachment encryption and delivery
  • Includes Outlook plug-in, Windows and Mac desktop agents, browser plug-ins
  • Full-featured functionality for mobile devices
  • Optional built-in Secure E-signature feature

Your business is taking a risk without Email Encryption!


Email Encryption protects your messages even when a secure connection like TLS isn't available. If you do have TLS, AppRiver's encrypted email provides an additional layer of security with true mailbox-to-mailbox encryption.

CipherPost Pro Guides

PDF  Looking for more proof? Check out this independent review and then try Email Encryption free for 30 Days!


PDF   Check out our infographic and learn why more and more businesses are protecting their communications with email encryption and secure e-signature.

  • Secure, fast and easy to use
  • Protects confidential information and helps ensure regulatory compliance
  • Provides delivery slip and registered mail options
  • Features centralized management
  • Enables large file attachment encryption and delivery
  • One-click encryption
  • Includes Outlook plug-in, Windows and Mac desktop agents, browser plug-ins
  • Full-featured functionality for mobile devices including iPhones, iPads, BlackBerry, Windows Phone, Android and more
  • Compatible with Office 365
  • Includes Phenomenal Care® from our US-based team, 24 hours a day, every day

AppRiver's Phenomenal Sales advisors can provide information on which features are available with CipherPost Pro® email encryption service. Contact for more information.

You need to access your secure messages no matter where you are, and CipherPost Pro® has you covered.

AppRiver CPP Mobile SupportCipherPost Pro allows you to send and receive encrypted email, track your sent messages, and open secure attachments from anywhere. Create, read and reply to secure messages on iOS, Android, Windows Phone and BlackBerry platforms. All of the features of CipherPost Pro email encryption, including real-time tracking, large file transfers, compliance services and many others, are available on your mobile device.

Optimized to minimize device battery and bandwidth consumption, CipherPost Pro provides easy and secure access to your encrypted messages without the need to store confidential and sensitive data on your mobile device. That means losing your phone doesn't mean losing critical information. And administrators can quickly enable or disable access from the Secure Message Center (Webmail) so no one can use a lost or stolen device to access your account.

And here's another benefit: CipherPost Pro mobile apps are free to licensed users.

Who Needs Secure E-Signature? The short answer is everybody. Whether it’s signing and exchanging contracts, medical records, or financial information, businesses and organizations of just about any size need to exchange signed documents. And by the very nature of the intent of a signature, that information is usually important, sensitive, confidential, or all three.

AppRiver CipherPost Pro® e-signature is a simple “click to acknowledge” process that is secure and easy for anybody to understand and use. It supports major document formats, including PDFs and Microsoft Office files, as well as most common image formats (JPG, PNG, etc.), with few restrictions on file size transfers. Whether you are a lawyer, engineer, or doctor, from complex agreements to digital blueprints to x-rays, you can obtain required signatures literally in seconds!

While many products offer fast and simple e-signature capabilities and others offer full security, only AppRiver provides all three without the burden of additional security software. And because it is an available option with AppRiver CipherPost Pro, there’s no learning curve and nothing to implement. You can simply start using it. It’s that easy—and that secure.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) places a number of requirements on the healthcare industry to assure that individuals’ health information is properly protected while allowing the swift flow of health information needed to provide ‘high quality’ health care.

As electronic health records (EHR) are becoming an industry standard for maintaining and transmitting health information, email emerges as the obvious choice for exchanging EHR quickly and efficiently among healthcare organizations. Such uses include:

  • Provider-to-Provider Communication: Healthcare providers often need to communicate with other providers efficiently and effectively, transferring patients’ medical histories, lab results, and the like to provide quality care to patients.
  • Requesting Health Consultation or Appointment: With patients’ busy schedules, and crowded waiting rooms, patients use email to request consultation and appointments before visiting a physician.
  • Submitting Health Claims to Plan Providers: Healthcare plan providers are accepting and responding to claims submissions via email to streamline and expedite the claims process.
  • Medical Billing and Invoicing: with email healthcare providers can streamline and reduce the cost of paper billing.

However, email has its weaknesses. Data can be leaked or lost through a variety of means from malware to phishing to user-error. In the case of healthcare organizations, this can mean the loss or unauthorized disclosure of patient medical files or other patient information exchanged via email.

As email is the choice means for exchanging patient information, HIPAA’s aim to secure patient data underscores the need for healthcare organizations to secure their email communications.

Who is affected?

HIPAA applies to all organizations that directly maintain and transmit personally identifiable health information, referred to by HIPAA as protected health information (PHI), or e-PHI in electronic form.

These include hospitals, physician and dental practices, health insurance brokers and carriers, laboratories, and pharmacies. Additionally, HIPAA applies to third party vendors and business partners that exchange data with organizations that directly maintain and transmit PHI in any form.

Non-compliance can be costly, or even crippling to your business. Under HIPAA, healthcare organizations that fail to secure PHI against loss or unauthorized disclosure face fines of up to $250,000 per incident while individuals responsible can face up to 10 years in prison for noncompliance.

In addition to harsh financial penalties and criminal proceedings, violators are required by the Department of Health and Human Services to report their compliance breaches to affected parties as well as the media if a breach affects 500 or more individuals.

Without question, the ensuing legal entanglements, reputation damage and financial cost of HIPAA violations threaten your business’s bottom line and may critically impact your organization’s ability to do future business.

HIPAA and your email

Two provisions under HIPAA directly impact healthcare organizations’ email policy and security: The Privacy Rule and the Security Rule. Together they identify what information is to be protected and provide a framework for safeguards organizations must put in place to ensure email compliance.

The Privacy rule defines what patient information is to be protected and places healthcare organizations responsible for the confidentiality of PHI in any form, including EHR. Under HIPAA, protected health information (PHI) is any information about health status, provision of health care, or payment for health care that can be linked to a specific individual.

Consequently, the Security Rule mandates that affected organizations implement appropriate policies, technical and physical safeguards for information systems that maintain e-PHI, including email, to ensure the security and confidentiality of e-PHI against loss or unauthorized disclosure. Specifically HIPAA requires that affected organizations:

  • Ensure the confidentiality, integrity, and availability of all e-PHI they create, receive, maintain or transmit.
  • Identify and protect e-PHI against reasonably anticipated threats to the security or integrity of the information.
  • Protect e-PHI against reasonably anticipated, impermissible uses or disclosures.
  • Ensure compliance by their workforce.

Considering the prevalence of accessing, sending and receiving e-PHI via email, and the vulnerabilities of doing so, it is obvious that HIPAA’s call for safeguards extend to email security.

While the Safeguards Rule fails to explicitly detail the technologies and solutions organizations should implement to secure their messaging systems, it does outline a framework of technical controls. These include:

  • Access Controls. A covered entity must implement technical policies and procedures that allow only authorized persons to access e-PHI.
  • Audit Controls. A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI.
  • Integrity Controls. A covered entity must implement policies and electronic measure to ensure that e-PHI tis not improperly altered or destroyed.
  • Transmission Security. A covered entity must implement technical security measures that guard against unauthorized access to e-PHI that is being transmitted over an electronic network.

Email Encryption can help

Email Encryption is a cloud solution for encryption your email communications, secure file transfer and DLP that helps address HIPAA technical security safeguard standards, and lets you use your email just the way it is. In addition, Email Encryption:

  • Helps address HIPAA technical security safeguard standards for secure and confidential email transmission of ePHI.
  • Simplifies the complexity of secure electronic communications, integrating seamlessly with any email platform including MS Outlook, MS Office 365, Gmail and Zimbra (for both sender and recipients regardless of their network configuration).
  • Eliminates size limitations for secure file transfer, enabling transmission of medical scans (X-rays) and other large files.
  • Enables secure web forms for capturing information directly from your website such as doctor consultations via email, insurance claims.
  • Enables Secure e-Statements for secure and traceable invoicing for medical services.
  • Automates and securely delivers messages and file attachments decrypted to any email archive database or third party application through a secure API.
  • Enables anytime, anywhere secure communication and collaboration by allowing users to send, track and receive secure email and medical files on any mobile device including iPhone, iPad, Android and BlackBerry.

AppRiver believes that email security should complement your email, not complicate it. Our cloud-based solutions for secure file transfer and email encryption work seamlessly with any email to enable secure communication and collaboration anytime, anywhere.

Can I send a secure message to anybody?

Yes, if you are an Email Encryption subscriber. When you send a secure message outside of your organization each recipient will be able to login to the Secure Messaging center to read, reply, and in some cases create new messages to Email Encryption subscribers who have communicated with you before.


Can I attach files to secure messages?

Yes. File attachments are transferred via HTTPS through the use of your Secure Messaging Platform instead of across regular SMTP connections, unreliable FTP or unsecure third party websites, which are very limited in security, speed and size limit.

Using the Secure Messaging Platform to exchange file attachments is safer, allows for up to 5GB size file transfer, is trackable and auditable, and so it becomes easier to manage each file attachment, directly in the Secure Message Center's Attachment Library, or directly in MS Outlook.


Can I continue to use my existing Email Address?

Yes. AppRiver's Email Encryption allows you to continue using your existing email address, email address aliases, email client, and server infrastructure. You can even integrate Email Encryption seamlessly in Outlook using the Secure MS Outlook Toolbar. If you use a different email program, you have full access to all of your secure messages by using the Secure Message Center (Webmail).


Do all our email accounts need to be enabled to get started?

No, only the employees that need to communicate securely need to be enabled.


Will email be automatically encrypted if we send out secure information, or must we manually encrypt it?

Yes. With data-leak prevention (DLP) rules enabled, Email Encryption can automatically encrypt information like Social Security, credit card or account numbers.


If the recipient forwards an encrypted message, will it remain encrypted?

Yes. Once an email has been encrypted, the entire thread will continue to be encrypted.


Is there a limit to the number of encrypted emails I can send per month?



Is there a way to set it to encrypt all emails to certain recipients?

Currently, no.


Can you encrypt embedded images in your emails?

No, images must be attached.


If I encounter an issue or have any feedback who should I contact?

You can reach our support team anytime at 866-223-4645 or you can create a ticket by submitting an email to