Advanced security for your mail

Your physical mail and online data are secured through layers of protection that involve mail processing centers, access control, monitoring, data transfer and storage.


On-site mail processing

Every VPM location receives, processes, and stores mail on-site. No extra transits to a central processing facility, which reduces the risk of your mail getting delayed, lost, or damaged during transfer. BONUS - get your mail up to 2 weeks sooner too.


On-premise document shredding

All your unwanted mail is shredded on-site using mobile shredding services. Your mail leaves the facility in millions of pieces to prevent your personal information from landing in the wrong hands. Document destruction certificates are available upon request.


HIPAA compliance

VPM adheres to HIPAA standards to protect sensitive patient health information from being disclosed without the patient's knowledge or consent. VPM will also sign a BAA to satisfy HIPAA requirements.


Online mail data protection

Your mail data is hosted only on Amazon Web Services’ (AWS) SOC2 and HIPAA compliant infrastructure. It is encrypted when stored at rest and stored with 99.99% durability over a given year to reduce data loss. We protect your data as outlined in our DPA.


Keep mail private

While you’ll use your virtual mailbox service to read your mail online, you may receive sensitive mail that is for your eyes only. In such a situation, don’t have the mail contents scanned and have the unopened mail shipped out directly to you instead. You decide the best way to handle your mail.


SSL encryption for data in motion

All transfers involving your mail data are encrypted with high level SSL encryption, which blocks unauthorized users from intercepting information in flight.


Hashed passwords

No one (not even VPM) will know your passwords because it’s not stored in cleartext, but hashed and stored using SHA-256 and higher algorithms.


Two-factor authentication (2FA)

This extra layer of authentication strengthens security access to your account and data. In addition to your standard password, 2FA requires entering a one-time passcode to gain access to your account. This is done using an authenticator app that’s installed on your phone.


Third party data use

Under VPM’s privacy policy, your personal information is not shared with unauthorized third parties. Your data is not sold, rented, or provided to outside parties and your information is only used with third party partners (CRM, AWS, and email systems) to provide the services VPM offers.


Risk mitigation and audits

VPM performs periodic security audits to mitigate risks and vulnerabilities in the system. VPM is also proactive in finding and fixing potential weaknesses within the organization's network and data infrastructure.


Bank level encryption for billing

Your payment data is encrypted and stored in PCI Compliant systems ensuring no one gains access to your credit card information.


Top grade surveillance

Sleep well knowing that every VPM location has high resolution security cameras, alarms, and door access control systems to guard your mail from unwanted visitors. All mail processing is monitored for additional safety.