Does Outlook enable HIPAA compliance?

Outlook can enable HIPAA compliance, but currently only if it’s part of one of the paid Enterprise versions of Office 365. Microsoft provides a Business Associate Agreement (BAA) for the Enterprise version of Office 365.

The free email platform offered by Microsoft,, doesn’t appear to have been built to handle ePHI securely or to comply with HIPAA. However, Outlook can be used as a HIPAA-friendly service with a paid Office 365 subscription and additional client-side encryption.

For HIPAA compliance features, users must be on one of the following plans: Office 365 Business Premium, Office 365 Business Essentials, Office 365 ProPlus, Office 365 Enterprise E1, Office 365 Enterprise E2, or Office 365 Enterprise E3.

Product details

Company Logo


Email Services

Product description

Microsoft Outlook is an email service provider used to send and receive emails and manage personal information, notes, and calendar appointments.

This web page was updated on September 28, 2022.


Readers should perform their own research before making the final decision. The information on the Jotform HIPAA Compliance Checker does not constitute official healthcare or legal advice. Jotform is not liable for any damage or liabilities arising out of or connected in any manner with this platform.

If you see any incorrect, incomplete or inaccurate information, please request correction by filling the form below.

Request Correction

Get professional solutions with Jotform Enterprise

Discover how Jotform Enterprise can benefit your organization. Automate, collaborate, and scale with ease.