Security & privacy
Lob maintains enterprise-level security and privacy measures to ensure our customer data, information assets, and system infrastructures are thoroughly protected against bad actors. Read on to learn more about our work in this area.
If your business requires Single Sign-On, you can configure Lob SSO with other popular IDPs in the market. See instructions for SSO setup.
Whether or not to print and mail PII is at the discretion of the user. See USPS Marketing Mail Eligibility for guidance surrounding how PII impacts postage and mailing class options. We strongly recommend that any mailing containing PII be sent using the sealable Letter mail format.
If you require HIPAA-compliant healthcare mailings that include PHI, we strongly recommend they be sent as a letter, which is a HIPAA-compliant form factor. We do not support HIPAA-compliant mailing for self-mailers, postcards, or letter-affixed cards. Lob has dedicated HIPAA-compliant processes and facilities for customers that require it.
If HIPAA compliance is one of your requirements, speak to Sales about a Business Associates Agreement (BAA).
Lob undergoes annual audits conducted by a third party to ensure SOC 2 Type 2 and HIPAA compliance.
For more information regarding compliance certifications, and the standards to which Lob adheres, reach out to your Customer Success Manager (CSM) or [email protected], or contact our security team at [email protected].