Salesforce Marketing Cloud vs. Paubox for HIPAA compliant email

Comparing Salesforce Marketing Cloud to Paubox for HIPAA compliant email

During a recent team meeting, it was our suggested our audience would love to learn more about the differences between Salesforce Marketing Cloud, which offers a digital marketing platform, and our own Paubox Marketing.

This post will compare and contrast Salesforce Marketing Cloud and Paubox as it relates to HIPAA compliant email.

About Salesforce Marketing Cloud

Salesforce Marketing Cloud (SFMC) is a digital marketing automation platform offered by Salesforce. It provides a suite of tools for businesses to create and manage marketing campaigns across various channels, including email, social media, mobile, and the web.

The platform allows users to segment and target specific customer groups, automate personalized communication, and track the effectiveness of marketing efforts.

Prior to its acquisition by Salesforce in 2013, the company was founded in 2000 under the name ExactTarget. It was renamed to Salesforce Marketing Cloud in 2014.

About Paubox Marketing

Paubox Marketing is an email marketing automation platform built specifically for U.S. healthcare organizations. It provides a set of API-based services for covered entities and business associates to create and manage email marketing campaigns.

Using a patented approach, the solution allows customers to personalize email campaigns with PHI (protected health information) and track results with realtime analytics. In addition, the Paubox Marketing API is available to customers to use.

Paubox launched in 2015 and currently has over four thousand customers in all 50 states.

Is Salesforce Marketing Cloud HIPAA compliant?

There are several things to consider when it comes to Salesforce Marketing Cloud and its ability to provide HIPAA compliant email.

First, let’s start with a quick recap of terms. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects the privacy of individuals’ personal health information, otherwise known as PHI.

As we’ve previously discussed, HIPAA applies to covered entities, which includes healthcare providers, health plans, and healthcare clearinghouses. It also applies to business associates of these covered entities. These are entities that perform certain functions or activities on behalf of the covered entity.

business associate agreement (BAA) is a written contract between a covered entity and a business associate. It is required by law for HIPAA compliance.

We’ve written in the past about Salesforce Marketing Cloud and its stance on HIPAA compliance.

In a nutshell, Salesforce was willing to sign a BAA for Marketing Cloud in 2019, although the scope of coverage was quite limited.

As of 2023 however, we were unable to find Salesforce Marketing Cloud as a HIPAA Covered Service in the Salesforce Business Associate Addendum Restrictions page. We are left to conclude Salesforce is no longer offering Marketing Cloud as a HIPAA compliant service.

See related: Is Salesforce Marketing Cloud HIPAA compliant? (2023 update)

Is Paubox HIPAA compliant?

Paubox was built around the Paubox Foundationsthree big ideas, and a mission to become the market leader for HIPAA compliant communication.

Paubox provides a BAA for all paid and freemium customers.

In addition, the following solutions are HITRUST CSF certified:

While an official HIPAA compliance certification does not exist, it’s widely acknowledged HITRUST CSF is the closest thing to it. In a nutshell, not only is Paubox HIPAA compliant, but its solutions are also HITRUST CSF certified.

Conclusion

Both Salesforce Marketing Cloud and Paubox offer an email marketing automation platform that alleviates the need for customers to fret about infrastructure and maintenance of in-house email marketing systems.

Salesforce Marketing Cloud however, is no longer listed as a HIPAA Covered Service by Salesforce. We are therefore left to conclude it is not a HIPAA compliant solution.

Paubox on the other hand, was built from the ground up to provide secure, easy-to-use, HIPAA compliant email. This is apparent from its technical design (four patents and counting), HITRUST CSF certification since 2019, and inclusion of a business associate agreement for all customers (paid and freemium).

About the author

Hoala Greevy

Founder CEO Paubox. Kayak fishing when I can.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport
EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport