SOC 2, Type II Attested

Phone.com has successfully achieved SOC 2 Type II attestation, independently verified by Sensiba. Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 framework is one of the most widely recognized standards for evaluating how companies manage customer data. A SOC 2 Type II attestation confirms not only that appropriate security controls are in place but also that those controls operate effectively over an extended period of time.

The independent audit conducted by Sensiba evaluated Phone.com’s controls across the SOC 2 Security Trust Services Criteria (TSC).

 

HIPAA and HITECH Compliant Voice and Video

Phone.com’s video meeting service is secured using triple DES encryption, preventing unauthorized callers from breaking in or “ZOOM bombing” sessions. Any data stored on Phone.com servers containing protected health information (PHI), such as voicemails with personal medical information, is safely encrypted while at rest.

We are happy to offer BAAs where needed.


HIPAA Breach Notifications

For inquiries or to report a breach, please dial (877) 977-6535.

SSL encryption

Phone.com uses high-grade SSL (Secure Sockets Layer) encryption when we ask for confidential information, such as your username & password, and throughout our control panel. This keeps the data sent between your browser and our servers secure. You can verify this at any time by looking for a “lock” icon in the bottom right-hand section of your browser.

 

Customer proprietary network information

When you sign up with Phone.com, we will ask you to select a secure password, which you will use to access your control panel. We will ask you to confirm administrative ownership of your account before we access it. If you lose your password, you will be required to follow our password recovery process in order to gain access to your account.

This policy ensures that we do not release customer proprietary network information, such as provisioning data, configuration, and call logs, to unauthorized parties.

 

PCI Security Standards

Phone.com adheres to the Payment Card Industry Data Security Standard (PCI DSS), an information security standard for organizations that handle branded credit cards from the major card schemes. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council.