Regulatory Compliance
SAS 70
SendThisFile utilizes data centers that have passed a Statement on Auditing Standard (SAS) No. 70 Type II audit conducted by a third party. A SAS 70 Type II audit uses an outside auditor to validate that the internal controls for a company conform to industry best practices. A successful audit signifies that the proper procedures, hardware, and software provide robust security for our servers and that proper data handling is being performed. We are proud of our SAS 70 type II data center status.
SSAE16


HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) specifies a series of administrative, physical, and technical safeguards for covered entities and their Business Associates to use to assure the confidentiality, integrity, and availability of electronic protected health information. The HIPAA omnibus final rule narrowed the "conduit exception" for Business Associate agreements. However, it still recognizes courier services such as the USPS, UPS and their electronic equivalents as exceptions to the Business Associate agreement requirement. A key determinant in meeting or not meeting the conduit exception is the "transient versus persistent nature" of the service offered. SendThisFile, Inc. is a secure file transfer service and not a file storage service. This service is transient in nature and therefore meets the conduit exception.
If your firm requires a Business Associates Agreement, please let us know by contacting us atmoc.e1524304314lifsi1524304314htdne1524304314s@lag1524304314el1524304314 and we will provide our standard Business Associates Agreement for your review. Our Business Associate Agreement is available for our Enterprise level plans.