Security
Advanced security for your mail
Your physical mail and online data are secured through layers of protection that involve mail processing centers, access control, monitoring, data transfer and storage.

On-site mail processing
Every VPM location receives, processes, and stores mail on-site. No extra transits to a central processing facility, which reduces the risk of your mail getting delayed, lost, or damaged during transfer. BONUS - get your mail up to 2 weeks sooner too.
On-premise document shredding
All your unwanted mail is shredded on-site using mobile shredding services. Your mail leaves the facility in millions of pieces to prevent your personal information from landing in the wrong hands. Document destruction certificates are available upon request.
HIPAA compliance
VPM adheres to HIPAA standards to protect sensitive patient health information from being disclosed without the patient's knowledge or consent. VPM will also sign a BAA to satisfy HIPAA requirements.
Online mail data protection
Your mail data is hosted only on Amazon Web Services’ (AWS) SOC2 and HIPAA compliant infrastructure. It is encrypted when stored at rest to prevent unauthorized data access and stored with 99.99% durability over a given year to reduce data loss.
Keep mail private
While you’ll use your virtual mailbox service to read your mail online, you may receive sensitive mail that is for your eyes only. In such a situation, don’t have the mail contents scanned and have the unopened mail shipped out directly to you instead. You decide the best way to handle your mail.
SSL encryption for data in motion
All transfers involving your mail data are encrypted with high level SSL encryption, which blocks unauthorized users from intercepting information in flight.
Hashed passwords
No one (not even VPM) will know your passwords because it’s not stored in cleartext, but hashed and stored using SHA-256 and higher algorithms.
Two-factor authentication (2FA)
This extra layer of authentication strengthens security access to your account and data. In addition to your standard password, 2FA requires entering a one-time passcode to gain access to your account. This is done using an authenticator app that’s installed on your phone.
Third party data use
Under VPM’s privacy policy, your personal information is not shared with unauthorized third parties. Your data is not sold, rented, or provided to outside parties and your information is only used with third party partners (CRM, AWS, and email systems) to provide the services VPM offers.
Risk mitigation and audits
VPM performs periodic security audits and penetration testing to mitigate risks and vulnerabilities in the system. VPM is also proactive in finding and fixing potential weaknesses within the organization's network and data infrastructure. Learn more about VPM’s vulnerability management process.
Bank level encryption for billing
Your payment data is encrypted and stored in PCI Compliant systems ensuring no one gains access to your credit card information.
Top grade surveillance
Sleep well knowing that every VPM location has high resolution security cameras, alarms, and door access control systems to guard your mail from unwanted visitors. All mail processing is monitored for additional safety.