While we do value security for our customers, Drip is not HIPAA compliant. Meaning Drip does not offer the additional encryption and security needed to be HIPAA compliant.
Drip’s sending provider, SendGrid, is not HIPAA compliant either and does not natively support HIPAA compliant data transmission. Here is a SendGrid article containing further information on this matter: Is Sendgrid HIPAA Compliant?
As stated by SendGrid:
We suggest that you encrypt the message body of your emails on your end if you are concerned about being compliant with HIPAA, or offer a secure download link for secure documents rather than transmitting them directly via email.