mFax security

mFax and the entire family of Documo products are designed for organizations handling highly sensitive information and operating in regulated environments. mFax has a number of built-in security features to keep your data safe and help keep your organization regulation compliant.

How we safeguard your data

Among other data security measures, we encrypt all files from the point of upload to the point of delivery using AES-256 bit encryption technology combined with TLS 1.2 encryption protocols

Advanced user controls and permissions

2-factor authentication (2FA) available and recommended for all users

Account level user access and permission controls

Automated session timeouts

Advanced tracking, reporting, and audit trail features

Data encryption and secured connections

Built on Google Cloud Platform, leveraging all of the power of their multi-layer, progressive security cloud infrastructure

All files are scrambled using AES 256-bit encryption while in storage and during transfer

TLS 1.2 encryption for files in transit

Secure HTTPS connections for both web interface and API

Data center security

Web servers, application servers, and databases all housed in state-of-the-art SSAE16 secured facilities with redundant hardware, power, and internet connectivity

Physical access strictly controlled via biometric scanning and 24/7 on-site security

Regulatory compliance

Maintaining compliance with industry regulations protects the privacy of your clients, reduces costly penalties, and safeguards your reputation

HIPAA

mFax’s technology is designed to be fully compliant with HIPAA, and we sign business associate agreements (BAAs) upon request.

GLBA

mFax meets or exceeds all secure communications and data privacy standards set forth in the Gramm-Leach-Bliley Act (GLBA).

SOX

mFax is a secure communication channel for the handling of electronic records as outlined in the Sarbanes-Oxley Act (SOX) of 2002.

PCI-DSS

mFax meets the Payment Card Industry Data Security Standard (PCI-DSS) which requires financial information to be stored securely and protected from data breaches.

We sign BAAs

Regulatory requirements such as HIPAA require covered entities to only work with business associates who assume complete protection of PHI. mFax signs BAAs with customers at any plan level upon request.

Personal information & privacy

We value your privacy and closely guard the security of your personal information. Click below for more information about how we collect and use your data.