Phone.com Security
HIPAA and HITECH Compliant Voice and Video
We’ve partnered with the Compliancy Group, the leading HIPAA compliance solution formed by former auditors and compliance experts, to bring you a worry-free business phone system in the cloud.Phone.com’s video meeting service is secured using triple DES encryption, preventing unauthorized callers from breaking in or “ZOOM bombing” sessions. Any data stored on Phone.com servers containing protected health information (PHI), such as voicemails with personal medical information, is safely encrypted while at rest.
With our partnership with the Compliancy Group in place, we can offer BAAs where needed.
SSL encryption
Phone.com uses high-grade SSL (Secure Sockets Layer) encryption when we ask for confidential information, such as your username & password, and throughout our control panel. This keeps the data sent between your browser and our servers secure. You can verify this at any time by looking for a “lock” icon in the bottom right-hand section of your browser.
Customer proprietary network information
When you sign up with Phone.com, we will ask you to select a secure password which you will use to access your control panel. We will ask you to confirm administrative ownership of your account before we access it. If you lose your password, you will be required to follow our password recovery process in order to gain access to your account.
This policy ensures that we do not release customer proprietary network information, such as provisioning data, configuration, and call logs, to unauthorized parties.
PCI Security Standards
Phone.com adheres to the Payment Card Industry Data Security Standard (PCI DSS) which is an information security standard for organizations that handle branded credit cards from the major card schemes. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council.