Select Page

Leverage Microsoft Outlook to be your encrypted HIPAA database, project management tool, and CRM

HIPAA Database: 360 degrees

For innovative organizations, HIPAA compliance challenges merely represent hurdles that can be overcome with ingenuity, patience, and hard work. Keeping things organized with Outlook as your HIPAA database is possible however only if you have it properly set up.  You can have an overview of all your projects in the pipeline, as well as the nitty-gritty details about the daily work being done to move the projects forward.  

Projects are a specific type of work that have a start date, an end date, and deliverables.  Your team (employees) works together to break complex projects into component parts, namely milestones, tasks, and subtasks.

Every milestone, task, and subtask can be assigned to a specific person and given a deadline. Typically, all the other team members can see who is responsible for each task, whether that person is on track to complete it on time, and if there are any unanswered questions about the job. Having visibility into every team member’s task list is useful for understanding whether people are falling behind because they’re overworked. When you can see that a colleague has six task assignments all due within the next 48 hours, it’s easy to spot the problem and redistribute the work before deadlines slip.

Projects usually have assets, too, which range from a detailed description of the project and its parts to a visual mock-up. People on the project team all need access to these assets, and the project management becomes the central place where they live.
Whether you use communications tools included in the project management application or connect to an outside one, the idea is that your team can log into one workspace and have at hand everything they need to get work done, including a prioritized to-do list, all the necessary assets, notes from other colleagues, a calendar of deadlines and milestones, and a place to ask questions and find answers. 

Outlook HIPAA Database as CRM

As Microsoft itself has described it, Microsoft Outlook is essentially a calendar and email software. Wikipedia describes it as “Microsoft Outlook is a personal information manager from Microsoft, available as a part of the Microsoft Office suite.”  Although, it primarily is an email application it also comes with calendar, task manager, journal manager, contact manager and note taking facilities.  If you need a HIPAA Database, a HIPAA CRM, or a HIPAA project management tool for your business,  what we call  “HIPAA Database” might work for you for about $25/month/user or less.

Mindful the basic objective of using CRM software solutions is to organize customer contact details in a unified platform and to be able to send and receive emails from it, HIPAA database checks that box.   Moreover, a HIPAA database allows you to mark calendars with appointments, create and manage task lists, set alarms and reminders on your outlook inbox, create events and to-do lists, create folders etc. Also a HIPAA database allows you to create folders on contact names where every email communication with the contact can be arranged.

However there is a downside to HIPAA database as it does not link files, folders, PDFs or photos shared with contacts under their names automatically.  Hence, there is no way to keep track on the progress of customer interaction at one place – though there are work around solutions for this – it’s not automatic.  Further, HIPAA database doesn’t automatically tell the history of communication that you and your team have had with the client.   So to evaluate what communication you had in the past with the client you have to search the email correspondences – a manageable work-around solution.   HIPAA database also doesn’t allow you to share documents, meeting details etc. with your team.  But alas there are work-around solutions to all this as well, all without introducing outside tools (Outlook Add-ins).    However if you were to add just one “plug in” or “add-in”, OneNote would be the one to transform HIPAA database to check every box of a true Project Management Platform.    We talk about this in detail below!

Is Outlook HIPAA compliant?

For most versions, no — at least not by itself.  By adding an extra layer of client-side encryption from a secure email provider like GoDaddy, you can make Outlook HIPAA database fully compliant, and secure.  Microsoft Outlook can be HIPAA compliant, and meet the high standards of security and privacy mandated by the government.  For the encryption feature, GoDaddy partnered with cybersecurity firm Proofpoint to secure data in transit  Internal users (you and your company) will be able to read, and respond to, encrypted emails directly from your standard inbox, while external users (those you send email to) can access the encrypted messages through a provided web portal.  You are able to set up filters to determine which messages require encryption. GoDaddy’s email archiving feature is built on a partnership with cloud security firm Sonian.  

With the archiving feature email data and attachments are securely stored in a compliant, highly secure cloud archive.  This could make it easier to search for specific messages, while maintaining security and compliance. The Sonian platform is also compliant with industry regulations. So businesses that have to abide by regulatory compliances know their data is being stored in dispersed data centers that meet strict compliance and security standards. GoDaddy offers a premium Hipaa compliant version of Outlook that meets the requirements for storage and use of protected health information (PHI) and personally identifiable information (PII).  A real plus here is you don’t have to ‘get into the weeds’ on the paperwork, GoDaddy manages the administrative side of HIPAA compliance for you including:

  • Business Associate Agreement (BAA): GoDaddy maintains BAAs with its customers and offers BAAs to its HIPAA-Compliant Edition Outlook customers.
  • Complete Data Encryption: All of your data is encrypted while in the database and during transit.
  • Audit Logs: All data usage (read, write, and edits) is logged in a separate infrastructure and is archived according to HIPAA requirements.
  • Dedicated Infrastructure: All HIPAA customer accounts reside on a separate, high security infrastructure that is dedicated to compliance applications.
  • Dedicated Support: Technical support for issues involving protected information is provided by specially trained personnel.
  • Automatic Updates: Regular software upgrades ensure that your applications run on the best technologies available.

The vision, creativity, and ingenuity of your team will determine how you use Outlook to address the day-to-day challenges of your business, or to seize new business opportunities.  If you can use some insight and advisory, that’s why we’re here and that’s what we offer.

How do I get the HIPAA Business Associate Agreement (BAA) form for Outlook for HIPAA Database?

Once you’ve purchase your email plan with GoDaddy, just call them at (480) 463-8843 and they’ll make sure you have what you need to be HIPAA-compliant, including the BAA form.

Outlook HIPAA Database Project Management: A Closer Look

Outlook HIPAA Database will let you make to-do lists consisting of tasks, which you can do all sorts of things, such as setting due dates, reminders, categories, and more. The whole point is to create a more active kind of task list that you can interact with and will keep you honest.

Working in the Tasks View

Open Outlook HIPAA Database up to the Tasks view and have a look around. At first glance, you’ll notice it’s pretty empty and barren (it has yet to be filled up!).



Let’s go through and show you how to use Tasks like a pro and further organize your life with Outlook HIPAA Database. With a little time and work, you will have a comprehensive set of tasks, which you can set up to remind you when they’re due, or you can even assign them to another person!

Adding Tasks

You’ll notice that there’s the familiar folder pane along the left-hand side. You can add new folders to this view, effectively then organizing your tasks into categories. You can even create a new folder group so you can again separate your tasks between your professional and personal life, if necessary.

To start, you’ll notice that there’s one task folder group call My Tasks and two sub task folders: To-Do List and Tasks. If we right-click on the top-most folder, we can create a “New Folder Group” that we’ll name Work Tasks.

You can add a quick task by clicking on “Click here to add a new Task” or you can click “New Task” on the Home ribbon. Check out the following untitled task, to which you can apply a number of options, show the Task, its Details, as well as manage it.

Let’s fill out our task a little bit with some basic details and then click “Save & Close.” You can choose your start date, end date (if applicable), the status, priority, and completion percentage. You can also check the “Reminder” box and have Outlook HIPAA Database let you know when your task is coming due.

Viewing, Modifying, and Updating Tasks

After creating a few tasks, we can see them listed in our Tasks view. You can do some basic tinkering here such as changing the due date or assigning a category, but if you really want to view and edit, you need to double-click to open it.


Here’s our task once again. We can make changes to it such as the status or priority, or we can click on the “Details” button.


If there are other details associated with the task, you can fill them in here. While this may not be pertinent to most people, if you deal with independent contractors or consultants, then this is a great place to keep track of how much they’re approximately costing you.

There are a few other things we can mention before moving on to recurrences. While you’re nosing about in the task interface, take a moment to note that you can delete or forward the task if you decide it’s not worth pursuing, or you need input from someone else on it, respectively.

You can also manage the task, such as marking it complete, assigning it, and sending a status report. We’ll talk more about that shortly. For now, let’s briefly check out how to set up recurring tasks.

Working with Recurring Tasks

Creating a recurring task is the same as creating a recurring appointment or recurring meeting. The dialog you see when you click on the “Recurrence” button will likely look pretty familiar.

So here’s our “talk about work stuff” task, recurring every week on Wednesday, with no end in sight. Note also, that even if you do not complete the task by the time the task recurs, another one will still be generated.

You can override this by selecting the “regenerate new task” option, which instead of automatically recurring on x day, won’t regenerate the task until the current one is marked complete.

Assigning a Task to Someone Else

We have our “talk about work stuff!” task all set up, now we just need to pawn it off on someone else! Click the “Assign Task” button in the Manage Task section of the Ribbon.

This will open the task as an e-mail, which you can then address to others. In this case we’re just going to assign the task to talk about work stuff to someone else, so we’ll e-mail it to them.

If you want to type the address into the “To” field you can, or you can pluck the lucky name from your address book. Don’t have an address book set up? Read about how to create and manage contacts, including how to import your contacts from Gmail right into Outlook HIPAA Database.


That recipient will get an e-mail then with the option to “Accept” or “Decline.” We don’t want to make the boss upset, so we’ll just go ahead and accept the task. Besides, talking about work stuff is never a bad idea!


Finally, if the powers-that-be want to know the progress (or lack thereof) on your currently assigned task. You can send them a status report.

Overall, the average home Outlook HIPAA Database user is more likely to use tasks as a means of getting errands done or ticking chores off at home, but it’s useful to know the full range of your task-making abilities. Let’s move on now to the rest of the Home ribbon and talk about what you can do to manage task from there.

Managing Tasks and Sorting by View

During the course of your week, some tasks will get done, and some won’t. The ones that you complete, you can mark as complete and forget about. But the ones that you don’t get to will need to be managed somehow or you’ll just have an ever-growing list of blown tasks.

There’s a few ways to manage them. Let’s look at that area of the Ribbon and then show you how to make the most of these tools.

Clicking the “Remove from List” button will mark it as complete and remove it from the list. If Outlook HIPAA Database encounters a problem, such as if the task is recurring, or it is incomplete, it will ask you what you want to do about it.


You can also work directly with the tasks you see in your task list. Check out the following screenshot for more details. You see that you can simply click the flag icon to mark it as complete, or you can right-click to see your follow-up options.

You see here in the next screenshot, that our task “sit around watching football with our feet up” is due tomorrow, but we’ve also marked it for follow-up next week as well. Creating a follow-up task basically duplicates it for the time that best suits you to possibly complete it. In this case, we could mark tomorrow’s task as complete or remove it, but that duplicate task would still be due next week.


Note, you can follow-up tasks from one of five preset intervals, or you can create a custom follow-up.


Finally, changing your view can help slice through a large body of tasks. If it isn’t shown on the Ribbon, you can click the “Change View” button and you will see these options.

Here’s what a simple list might look like. The view doesn’t discriminate between states of completion or categories, or anything else. It just presents all your past, present, and future tasks in one simple view.


On the other hand, if we sort our view by active tasks, we see things are narrowed down a great deal for us.

Always remember to change your task view so you quickly sort through or hide them for maximum productivity potential!

Tasks Options

Lastly, let’s acquaint or reacquaint ourselves with task options. The task options will let you change settings and alter their behavior and appearance. You can reach them from the File menu, by clicking “Options -> Tasks.”


You can set options for reminders on tasks with due dates, overdue and completed task colors, work hours, and other simple tweaks. So now, if you want overdue tasks to be bright blue or you want default reminders at the end of the day instead of beginning, you can make the changes here.

As you can tell, Outlook HIPAA Database is revealing itself to be a very well-rounded application, and we haven’t even talked yet about calendaring and notes yet! We hope you’re able to use Tasks to rev up your organization skills a couple notches. They’re really easy to set and assign, and it’s nice to have those reminders and to watch all the things on your list slowly get checked off.

In the meantime, we’re interested in hearing from you. Have a question or comment you’d like to leave with us? Drop in on our discussion forum and fire away.

OneNote + Outlook = Full Blown Project Management

OneNote as a task and project management tool is one of the best tools out there.  Why not just use the Tasks feature in HIPAA Outlook Database, you ask? Well, there’s really no reason you can’t use both. Each have their place in your productivity toolbox, and they each compliment each other as well.  Here’s how you can integrate Outlook HIPAA  database tasks and OneNote to better manage the complexities of the multiple projects you have going on in your life, and your business, at any given time.


The biggest benefit to Tasks – its simplicity – is also its biggest drawback.

Although you have the ability to write notes when you open individual tasks, the features that are available within these notes are limited.


Text is great, but what if you want to organize the many spreadsheets, documents, meeting notes, and the many other records that go along with working on these tasks?

What you need is a sort of folder or notebook where you can store all of that information for each task, organized with tabs, and available at your fingertips when you’re reviewing your tasks and deciding what to work on next.   That’s OneNote.

Adding the OneNote Add-In to Outlook HIPAA database

Thankfully, you can do this with OneNote, since it integrates so perfectly with Outlook. To do this from within Outlook, just click on File and then Options.

Along the left navigation menu, click on the Add-Ins link.


At the bottom of this page you’ll see a “Manage” field with a dropdown box. Select “COM Add-ins” and click on the Go button.

If you have OneNote installed on your computer–which you should, because OneNote is free–then you’ll see an Add-In here titled OneNote Notes about Outlook HIPAA database Items. Select the checkbox next to this, and then click OK.


Now you’ll discover “OneNote” icons all throughout Outlook, but the one we’re most interested in is the one that now appears at the top of your Outlook HIPAA database Tasks page.

Now that you’ve integrated OneNote with Outlook, it’s time to put it to work to get more productive.

In the following section, I’ll show you how you can create notebooks for individual projects that you’ve got going on, and then how you can create new pages for managing tasks just by clicking the OneNote button in Outlook HIPAA database Tasks.

Effective Task Management with OneNote and Outlook HIPAA Database Tasks

First, open up OneNote and create a new Notebook just dedicated to Task Management.


Now inside the Task Management notebook, you can create new sections for each individual project that you’re currently working on.

All of the tasks in your Outlook HIPAA database Tasks page will typically fall under one project or another. Unfortunately in HIPAA Outlook database, it’s not as easy to visually organize these tasks by project. They all simply show up in a big, long list. There is the category to work with, but that’s just a column. Visually, the list looks quite intimidating.


But by adding sections in OneNote for each project, you’re creating this nice, clean visual layout that lets you organize all of your tasks visually into projects (which we’ll get to in a moment).


So, now that you’ve got OneNote set up with projects, you can start loading it up with Tasks as they come up.

Using Your New Task-to-OneNote Integration

Whether new tasks arise from an email your boss sends you, assignments provided by a project manager, or anywhere else, the process is the same; create the task in Outlook HIPAA database Tasks, highlight it (by clicking on the task) and then click the OneNote icon at the top of the Tasks page.


What happens when you do this is magic.

First, OneNote will ask you what section you want to place this new “page” into. This is where you select the Project where this task belongs.


Once you do that, OneNote will automatically import the Task from Outlook HIPAA database into that OneNote section as a new page.


Basically, sections are projects, and pages are tasks. So with this setup in OneNote, all of your projects will be listed along the left navigation bar. As you click on a project, you’ll see all of the related tasks along the right side navigation bar.

Once you’ve used this setup for a few days, you’ll appreciate just how intuitive and clean it is. Even if you have 4 or 5 projects all going on at once, this setup allows you to focus right in on a specific project, and see only the tasks associated with it, without all of the clutter of unrelated tasks.

Keeping Task Records Organized

By bringing your tasks into OneNote, you provide a central space where everything related to that task can be organized. And the things that you can organize on your Task page in OneNote is impressive.


You can insert tables of data (or insert an actual Excel spreadsheet if you like), attach any kind of file, take screen clippings, insert pictures or scanned images, make audio recordings, and of course add all the hyperlinks you like.

You could even create another to-do list within this individual task. What you organize in this space is completely up to you, but the point is that it allows you a centralized location to focus in on your task, without wasting time hunting through your directories for related files. Link everything here, and it’s all at your fingertips.

eBook: OneNote Tips & Tricks

If you are not currently using OneNote then this new eBook from Microsoft about OneNote 2016 may just be the catalyst you or your users need to seriously considering putting it to use on a daily basis. The eBook is only 19 pages long but it provides tips on how to do all of the following things in OneNote:

  • Get to your notes fast
  • Add a design when creating new pages
  • Add guides for handwriting and drawing
  • Indent and outdent with shortcut keys
  • Rearrange your thoughts and ideas
  • Tag important notes for easy follow-up
  • Take action on tagged notes
  • Skip the calculator and do math in any note
  • Take screen clippings and instantly file them
  • Recording audio
  • Search audio notes like normal text
  • Add a table of contents to a notebook
  • Build a wiki with easy links
  • Swap the page list from right to left
  • Keep your notebook structure visible
  • Put a digital sticky note on your screen
  • Click Here To Download this eBook

About HIPAA compliant email

The HIPAA Privacy Rule and the HIPAA Security Rule require covered entities to obtain written assurances that their business associates will appropriately safeguard electronic Protected Health Information (ePHI). Failure to comply with these rules can result in civil and criminal penalties.

HIPAA compliant Outlook email works just like regular email but with all the security features running behind the scenes.  GoDaddy offers HIPAA compliant Outlook and also has a specially trained HIPAA support team will walk you through the setup process and note after signing the Business Associate Agreement (BAA), the mailboxes you add are automatically HIPAA-compliant.


How does HIPAA Compliant Outlook Database Encryption Work?

GoDaddy has partnered with Proofpoint to provide the Email Encryption Add-on for HIPAA compliant Outlook database.  When the encryption add-on is set up, all mail is sent through Proofpoint, where the encryption filters and actions are applied. When you send encrypted mail to users outside of your organization, they receive a link to the message, within Proofpoint. They must create a Proofpoint user, to view the encrypted message content.  Your HIPAA compliant Outlook database inbox filters still function, and all email sent within your organization behaves as normal email, even when encrypted. Users in your organization do not have to log into Proofpoint to see mail, although it is still encrypted.  Along with the encryption service, you also get spam filtering with quarantine, message logs, and reporting for admins.

Email Encryption Add-on limitations

You are limited to 500 outgoing emails, per day, across your entire organization.

  • The day starts and ends around midnight GMT.
  • If you are sending a large number of marketing emails, you may want to consider GoDaddy Email Marketing for those campaigns. This would remove those emails from counting towards your encryption limit.

Your email size limit is 100 MB.

All users and domains within your organization must be included in the encryption account. You can not enable encryption for only some of your users, it must be everyone.

How to send and receive encrypted email

With the Email Encryption Add-on, all internal email sent to and from email addresses in your company is automatically encrypted. But you need to take an extra step to encrypt email you send to external recipients.

When Godaddy helps you set up your account, they will create a filter that allows you to send encrypted email externally by including the text [Encrypt] in the subject line. This text in your email subject is an instruction to Proofpoint to encrypt this message.

  1. Once your Encryption Add-on is ready to go, just send an email normally. But make sure to include the text [Encrypt] in the subject line.

    You only need to do this if you are sending to an external recipient, with an email address not on your company domain.

  2. The recipient will receive an email with instructions on how to view the encrypted email. The email is only available for 14 days, and can’t be saved locally by the recipient.

Set my encryption branding

With the Encryption Add-on, you can set your own branding, including colors and logo. This will display on the Proofpoint encryption email that external recipients receives, on the Proofpoint portal and login page, and on the Quarantine Digest report.

  1. Log in to Proofpoint.
  2. Under Company Settings, click Branding.
  3. Next to Upload Logo, click Choose File to use an image file for your logo.

    Logos should be high quality images. The maximum width should not exceed 250 pixels, and the maximum height should not exceed 60 pixels.

  4. Choose your desired Colour Scheme, and if you want to Make Background Transparent.
  5. Enter the From Name that you want to display on encrypted emails.

    You may want to use something like Your Company Name Encryption. It will display in the subject line of the email, like this: [From Name] on behalf of [Email Sender Name]

  6. Click Save.

HIPAA Encryption Requirements as stated in the Security Rule Provisions

As for the subject of encryption – which is essential for database protection – HIPAA states the following as being “addressable”:

  • 164.312(a)(2)(iv) Implement a mechanism to encrypt and decrypt electronic protected health information.
  • 164.312(e)(2)(ii) Implement a mechanism to encrypt electronic protected health information whenever deemed appropriate.

We at Hipaa Database make no distinction between “addressable” and “required” and you shouldn’t either. Look upon every mandate within HIPAA as “required” and dismiss the notion of “addressable”.  It’s a litigious world we live in. Imagine having a breach of Protected Health Information (PHI) and your defense is that the mandate was only “addressable” so we decided not to implement the security control. Probably not the best answer to provide a jury or whomever else is posing such a daunting question. Again, do not make any distinctions between “addressable” and “required”.

The Importance of Database Protection for HIPAA Compliance  

While encryption is without question the best form of database protection for PHI at “rest”, don’t forget that databases access – and many other information security 101 best practices – are also necessary for ensuring comprehensive database protection. Specifically, access to databases should be limited to authorized personnel only (i.e., Database Administrators), audit and logging should be configured accordingly for ensuring all database actions are captured and monitored, and database performance metrics should also be in place.

There’s quite a bit that goes into database protection for HIPAA compliance – and as one can see – it’s much more than just encryption. Thus, the question “Does HIPAA require database protection” needs to be assessed from many different aspects, first and foremost, from the perspective of PHI at rest, then with all the other best practices for database protection just discussed such as access control, database monitoring, etc.

Reasons for HIPAA Database Compliance

The reason for HIPAA database compliance is simple and straightforward. It’s the law. HIPAA database  is mandated for all that handle electronic transactions of confidential patient information. Companies found to be in violation put themselves at risk for expensive financial consequences. Providers found to be in violation can be charged $100 to $50,000 per violation per year. The exact amount depends on the severity of the violation, the number of patients involved and the severity of the provider’s negligence.

Turning to the Cloud for HIPAA Database Management

Cloud-based databases have revolutionized the ease with which companies are achieving HIPAA compliance. Physical theft of records is cited as the number one cause of data-security breaches. Therefore, cloud storage solutions have been the catalyst for a significant reduction in HIPAA violations.  In using Godaddy’s Outlook as a HIPAA database solution you are outsourcing the installation, migration and management of your database to GoDaddy, which is great for a small business to not to have to get into the weeds on the administration.

Understanding HIPAA Database Cloud Storage

Recent findings from the U.S. Department of Health and Human Services reported that using HIPAA database cloud storage to house patient information is safer and more secure than either paper storage or a local server. The reason lies in the elimination of physical theft. This report cited physical theft as the number-one cause of large-scale data breaches. Using a HIPAA database cloud storage system virtually eliminates this risk. The question for health-care providers looking to move to the cloud revolves around what the HIPAA standards are and what they need to do to meet them.

What Are the HIPAA Standards for Cloud Storage

To qualify as HIPAA database cloud storage, all protected PHI (patient health information), including patient records, lab results and all imaging (MRIs, CAT scans, X-rays, etc.), must be stored and transmitted in ways that comply with government standards. These standards have two categories: physical safeguards and technical safeguards.

  1. Physical safeguards required for HIPAA compliance. The physical safeguards refer to the protocols surrounding access and validation procedures for those trying to access the hardware that stores PHI. Essentially, they refer to regulations that control who is allowed to physically touch the servers that store protected information. Physical safeguards also include standards and regulations governing disaster-recovery plans for the data that could potentially be lost in a natural disaster. Lastly, physical safeguards also refer to HIPAA requirements that govern the use and disposal of EPHI (electronic private health information). An example would be protocol governing the disposal of failed hard drives.
  2. Technical safeguards required for HIPAA compliance. These safeguards regulate the electronic security of all protected information. Safeguard methods employed in this realm include encryption, decryption, authentication, user identification, audit and integrity controls. They also regulate the procedures for accessing EPHI during a natural disaster or emergency.

A HIPAA Business Associate Agreement (BAA) isn’t just a way to be extra-sure your partner is protecting your customer’s privacy or complying with HIPAA — it is the bare minimum required by law. With a few exceptions (such as your ISP), everyone who has access to your patient’s information needs to sign a BAA, including email providers like Microsoft Outlook.



Google Analytics, Google Adwords, Search, Mobile, Video, Display, & Shopping Certified Partner.  Bing Certified Partner.

Google Partner Page

tel. 256-270-4040

Contact Us

3 + 13 =