Security & privacy

Lob maintains enterprise-level security and privacy measures to ensure our customer data, information assets, and system infrastructures are thoroughly protected against bad actors. Read on to learn more about our work in this area.

Single Sign-On (SSO)

If your business requires Single Sign-On, you can configure Lob SSO with other popular IDPs in the market. See instructions for SSO setup.

Data privacy

Personally Identifiable Information (PII)

Whether or not to print and mail PII is at the discretion of the user. See USPS Marketing Mail Eligibility for guidance surrounding how PII impacts postage and mailing class options. We strongly recommend that any mailing containing PII be sent using the sealable Letter mail format.

Protected Health Information (PHI)

If you require HIPAA-compliant healthcare mailings that include PHI, we strongly recommend they be sent as a letter, which is a HIPAA-compliant form factor. We do not support HIPAA-compliant mailing for self-mailers, postcards, or letter-affixed cards. Lob has dedicated HIPAA-compliant processes and facilities for customers that require it.

If HIPAA compliance is one of your requirements, speak to Sales about a Business Associates Agreement (BAA).

Privacy policy

Read more about our data collection and processing on our privacy policy page.


Lob undergoes annual audits conducted by a third party to ensure SOC 2 Type 2 and HIPAA compliance.

For more information regarding compliance certifications, and the standards to which Lob adheres, reach out to your Customer Success Manager (CSM) or, or contact our security team at

Last updated