I ask this because I have a client who wants to be HIPPA complaint with patient communication. I don't know much about compliance with email except that the email needs to be encrypted. Currently, they use email hosted by bluehost via imap and over SSL. This just means the connection to bluehost is encrypted, but by the time it hits the patient's inbox, it is no longer encrypted correct?
TIA, Jimmy
