OnTask keeps you secure and compliant

Taking a Look at OnTask’s Security & Compliance Measures

When considering an eSignature or workflow automation solution for your business, taking security and compliance into account is one of the most important things you’ll do. We’ve compiled this guide to some of OnTask’s most important security and compliance features to make your research easier. 


How OnTask Makes Staying in Compliance Simple:

OnTask makes staying in compliance easy by adhering to some of the most important regulatory compliance measures out there. Take a look at our compliance standards:

HIPAA Compliance

OnTask is a HIPAA compliant platform. Simply put, HIPAA is a federal law mandating how patient data is shared and protected, and is applicable to all medical facilities including dermatologist offices, doctor’s offices and therapy practices to name a few.

To be HIPAA compliant, all online or digital patient data must meet certain security requirements in order to safeguard this info in the event of a data breach. Please note, covered entities that wish to use OnTask to store information under HIPAA compliance must have at least one OnTask Organization on the Premium Plan and execute a Business Associate Agreement (BAA) with OnTask. BAAs are available upon request.

FERPA Compliance 

OnTask is also FERPA compliant, making it a great choice for schools, universities and other educational institutions that abide by this federal regulation. Under FERPA, student data must be protected from unauthorized users, as well as accessible to authorized users like the students themselves, parents and staff members.

For more information on HIPAA and FERPA compliance, check out this useful resource.


Additionally, OnTask is an SOC 2 compliant solution. SOC 2 is a voluntary compliance standard which details how digital companies should handle customer data. SOC 2 compliance is achieved upon proving the system is designed to protect client data.


Security Features:

Security is a top priority for us. Learn about some of the features we use to keep you and your customers’ data safe:

256-bit AES and TLS Encryption

AES, also known as Advanced Encryption Standard, is a fast and extremely secure method of encryption. 256-bit AES encryption is regarded as virtually unbreakable. Most browsers, government agencies, and even military organizations use this as their standard. OnTask is fully compliant with 256-bit AES for HIPAA.

TLS stands for Transport Layer Security. It is a method for encrypting data in transit over the internet, and is essential for protecting personal data like credit cards, social security numbers, and more. OnTask encrypts data at rest and in transit, to ensure no vulnerabilities when it comes to customer data protection.


Tamper-Proof Documents and eSignatures

Tamper-proof documents aren’t just for physical paper. OnTask features tamper-proof digital documents, enforced by two-token authentication. This means that only specified parties have access and are able to sign or make changes to documents sent through the OnTask system. Such measures are crucial in the event a document is contested in a court of law.


OnTask: Security and Compliance Simplified.

At OnTask, your data privacy and security are important to us. We’re proud to employ industry-leading security standards that make staying in compliance a no-brainer for employees, and allow you to focus on what’s important at your business.

If you still have questions about how OnTask keeps data safe, contact us.