mSign security

mSign and the entire family of Documo products are designed for organizations handling highly sensitive information and operating in regulated environments. mSign has a number of built-in security features to keep your data safe and help you remain compliant with industry standards and regulations.

How we safeguard your data

Among other data security measures, we encrypt all files from the point of upload to the point of delivery using AES-256 bit encryption technology combined with TLS 1.2 encryption protocols

Advanced user controls and permissions

2-factor authentication (2FA) available and recommended for all users

Account level user access and permission controls

Automated session timeouts

Advanced tracking, reporting, and audit trail features

Data encryption and secured connections

Built on Google Cloud Platform, leveraging all of the power of their multi-layer, progressive security cloud infrastructure

All files are scrambled using AES 256-bit encryption while in storage and during transfer

TLS 1.2 encryption for files in transit

Secure HTTPS connections for both web interface and API

Data center security

Web servers, application servers, and databases all housed in state-of-the-art SSAE16 secured facilities with redundant hardware, power, and internet connectivity

Physical access strictly controlled via biometric scanning and 24/7 on-site security

Regulatory compliance

Maintaining compliance with industry regulations protects the privacy of your clients, reduces costly penalties, and safeguards your reputation


mSign’s technology is designed to be fully compliant with HIPAA, and we’ll sign business associate agreements (BAAs) upon request.


The Uniform Electronic Transactions Act (UETA) establishes the legal equivalence of electronic records and signatures with paper writings and physical “wet ink” signatures, meaning any document executed electronically carries the same legal weight as its printed counterpart.


The Electronic Signatures in Global and National Commerce (E-SIGN) Act ensures the validity and legal enforceability of electronically signed documents, making documents signed with mSign just as legally-binding as physically signed documents.

We sign BAAs

Regulatory requirements such as HIPAA require covered entities to only work with business associates who assume complete protection of PHI. We sign BAAs with customers at any plan level upon request.

Personal information & privacy

We value your privacy and closely guard the security of your personal information. Click below for more information about how we collect and use your data.