GoDaddy has stated that it enables HIPAA compliance for the Microsoft 365 email services it sells and supports.
GoDaddy provides a variety of services including website hosting, email management, and domain names. Covered entities can use email services for protected health information, but website hosting services may not meet HIPAA requirements.
For example, basic website hosting plans are on shared servers. Other technical and physical safeguards aren’t in place for these plans. Covered entities shouldn’t use GoDaddy shared hosting for websites containing patient information.
GoDaddy also offers email services through Microsoft Office 365. Two plans, Business Premium and Premium Security, offer HIPAA compliance features. Covered entities may purchase HIPAA-friendly email as an add-on to the service. All email accounts offer the option of full integration with Microsoft Office.