
pdfFiller HIPAA compliance
pdfFiller empowers medical professionals around the country by facilitating their compliance with the
Health Insurance Portability and Accountability Act (HIPAA).
Maintain HIPAA compliance and get an array of security features for your document management
pdfFiller protects the private health information of patients by using policies, procedures, and infrastructure
that aims to ensure the security, authenticity, and reliability of electronic records and signatures.
Tools that help you maintain HIPAA compliance:
Signer authentication
pdfFiller provides a variety of two-factor authentication options to help you verify the identity of your signers.
Audit Trail
pdfFiller creates and maintains a detailed document history that displays all document and account activity
by user, including full names, email and IP addresses, and time stamps.
Encryption
All your documents stored in your account are encrypted with the NSA-developed SHA-256 encryption algorithm
which protects data transfers between you and another person, you and a server, and against external access.
HIPAA compliant data storage
pdfFiller stores your documents in US-based Amazon S3 data centers, which set the industry standard for
HIPAA compliant secure data storage and protection against security breaches.
Encrypted folders
Safeguard access to documents inside your account with an additional and customizable layer of protection.
Use pdfFiller’s encrypted folders to create a two-factor authentication layer inside your account. Set an
additional password for opening and editing documents in your account.
Tamper-proof controls
pdfFiller employs anti-tampering technologies to ensure that your documents can not be altered once filled
out and signed. These technologies include watermarks and signature stamps.
Want to learn more?
Contact Sales
The security of your medical data is pdfFiller’s top priority
Information security
pdfFiller’s information security team of experts conducts regular risk management reviews, performance
auditing, risk classification, and guidance.
Vulnerability testing
pdfFiller’s information security team performs internal vulnerability scanning and retains external subject
matter experts to conduct penetration tests. We have developed processes and tools that ensure timely
identification and remediation of security vulnerabilities that could impact the product or physical security.
Access controls
pdfFiller’s system of access controls ensures that access granted to each environment is appropriate and
authorized. This includes defined processes, clear segregation of duties, appropriate approvals, audit trails, and access reviews.
Incident detection and response
pdfFiller’s infosecurity team promptly evaluates and responds to incidents that create suspicion of or
indicate unauthorized access to or handling of services and information.
Disaster recovery
pdfFiller maintains standard disaster recovery solutions to recover cloud-based systems, infrastructures,
file systems, and databases to restore business-critical systems in order to meet business system
Recovery Time Objectives (RTO).

Business Associate Agreement
In order to transmit electronic Protected Health Information (ePHI) using pdfFiller and maintain it with
HIPAA compliance, customers should sign a Business Associate Agreement (BAA) with pdfFiller. The BAA
mandates a set of security controls and processes, breach protocols, and sets the responsibilities of
each party to help maintain the security of ePHI.
How to stay HIPAA compliant with pdfFiller
Turn on HIPAA related settings in your account
Click your icon in the top right corner, choose My Account, and go to Settings. Choose Authentication and
Access Security and turn on the HIPAA compliance slider. Contact our support team to sign a Business
Associate Agreement (BAA) with us. That’s it, you will now send, collect, and store information according to HIPAA standards.
Note: Features such as Fax, Notarize, and Send via USPS are not available when your HIPAA slider is turned on.
Get dedicated support
Do you need more information on how to manage your document workflows in a HIPAA compliant manner? pdfFiller’s
support team is ready to help. Contact pdfFiller via live chat and we’ll address your privacy and security concerns.