HelloSign Announces HIPAA and SOC 2 Compliance

Share Article

Companies Requiring a BAA Can Now Utilize the HelloSign Platform to Turn Process Into Revenue

HelloSign, the company powering the future of intelligent business, today announces compliance with the Health Insurance Portability & Accountability Act (HIPAA) in addition to an independent SOC 2 attestation in Security, Availability, and Confidentiality Trust Principles and Criteria. HelloSign’s successful completion of an external HIPAA compliance evaluation and SOC 2 Type 1 attestation illustrates our ongoing commitment to create and maintain the most stringent controls for the protection and security of customer information passed through HelloSign. HelloSign now offers customers the rate of innovation and agility that makes a startup attractive, paired with the security and privacy controls that the enterprises demand.

To learn more about security and compliance at HelloSign, visit: blog.hellosign.com/hellosign-is-soc2-hipaa-compliant/

HelloSign’s HIPAA compliance ensures both current and potential customers that operations surrounding core business processes such as access provisioning, change and release management, incident response and more meet strict security standards, and that individually identifiable health information is kept private and secure. In order to attain HIPAA compliance, HelloSign underwent a rigorous third party audit and implemented various controls such as employee background checks, security trainings, onboarding/offboarding procedures and more to safeguard endpoint security, physical security and encryption of customer data.

HelloSign does not collect or store electronic protected health information (ePHI) as part of normal business operations, however HIPAA compliance makes it possible for any HIPAA compliant company that would like to use HelloSign for documents or workflow containing ePHI to enter into a business associate agreement (BAA) which ensures both parties agree to fully comply with the requirements of the HIPAA Rules.

In addition to HIPAA compliance, HelloSign also announces its successful completion of a SOC 2 Type 1 audit in accordance with the Security, Confidentiality and Availability Trust Principles and Criteria. This audit examined the controls and processes involved in storing, handling and transmitting data securely through HelloSign. The success of the audit results in SOC 2 Type 1 attestation report and serves as trusted third party validation that HelloSign’s security practices meet industry standards as deemed necessary by the American Institute of Certified Public Accountants (AICPA).

“At HelloSign, we’ve always made the security and privacy of our customers’ documents a priority, and becoming both SOC 2 and HIPAA compliant is a reflection of our ongoing commitment,” said Joseph Walla, CEO and Co-founder of HelloSign. “There’s been a lot of pent up demand for HIPAA and SOC 2 compliance so the most exciting take-away here is that this opens the door for any potential customers that require these compliances to utilize the HelloSign platform to turn outdated, costly processes into revenue.”

At HelloSign, stringent security practices are exercised and legality is kept top of mind throughout development and maintenance of the HelloSign platform. In order to be sure the person signing documents is who they say they are, HelloSign authenticates document signers through email and also offers two-factor authentication. To protect HelloSign user accounts, all user information transferred is 256-bit SSL encrypted, including usernames and passwords. Using hashing technology, HelloSign can provide evidence of tampering (or lack thereof) between pre- and post- signed documents. Additionally, HelloSign encrypts all statically-stored user files and signature information in Amazon's S3 servers, which are housed in ISO 27001 certified data centers.

About HelloSign
HelloSign is powering the future of intelligent business. The company’s software platform — which includes eSignature, digital workflow and electronic fax solutions — converts process to revenue for over 50,000 companies around the world with HelloSign, HelloFax and HelloWorks. For more information visit http://www.hellosign.com.

Media Contact
Jasmine Castro-Torres

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Jasmine Castro-Torres
+1 (831) 345-1958
Email >

Jasmine Castro-Torres
Visit website