mSign security

Advanced user controls and permissions

2-factor authentication (2FA) available and recommended for all users

Account level user access and permission controls

Automated session timeouts

Advanced tracking, reporting, and audit trail features

Data encryption and secured connections

Built on Google Cloud Platform, leveraging all of the power of their multi-layer, progressive security cloud infrastructure

All files are scrambled using AES 256-bit encryption while in storage and during transfer

TLS 1.2 encryption for files in transit

Secure HTTPS connections for both web interface and API

Data center security

Web servers, application servers, and databases all housed in state-of-the-art SSAE16 secured facilities with redundant hardware, power, and internet connectivity

Physical access strictly controlled via biometric scanning and 24/7 on-site security

HIPAA

mSign’s technology is designed to be fully compliant with HIPAA, and we’ll sign business associate agreements (BAAs) upon request.

UETA

The Uniform Electronic Transactions Act (UETA) establishes the legal equivalence of electronic records and signatures with paper writings and physical “wet ink” signatures, meaning any document executed electronically carries the same legal weight as its printed counterpart.

E-SIGN

The Electronic Signatures in Global and National Commerce (E-SIGN) Act ensures the validity and legal enforceability of electronically signed documents, making documents signed with mSign just as legally-binding as physically signed documents.

We sign BAAs

Regulatory requirements such as HIPAA require covered entities to only work with business associates who assume complete protection of PHI. We sign BAAs with customers at any plan level upon request.