Why SendThisFile?
Get fully featured secure file transfers with end-to-end encryption, powerful security, privacy compliance and complete customization.

Meet Stringent Regulations with this Compliant File Transfer

Compliant file transfer

Regulatory Compliance

We are dedicated to providing industry leading security and regulatory compliance to our customers. SendThisFile, Inc. and our partners comply with specialized regulatory requirements that our small, medium, and Fortune 500 customers must meet. As such, we are able to provide a compliant file transfer service to customers who must meet stringent data privacy and data security regulations. Click here for a detailed list of all the laws and regulations SendThisFile adheres to.


As of May 25, 2018, a European privacy law, the General Data Protection Regulation (GDPR), is in effect. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. Since 2003, SendThisFile has always been committed to protecting customer's data and privacy and currently complies with both EU-U.S. Privacy Shield and EU Model Clauses. Read more about SendThisFile's GDPR commitment.

Our data centers are SOC compliant


Service Organization Control 2 (SOC 2), reports on various organizational controls related to security, availability, processing integrity, confidentiality or privacy. SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients.

Like other compliance mandates, it is not a simple but rather a complex set of requirements that must be reviewed and carefully addressed. SendThisFile only utilizes data centers that have achieved SOC 2 compliance.

Our tool can be configured for HIPAA compliance.


The Health Insurance Portability and Accountability Act (HIPAA) specifies a series of administrative, physical, and technical safeguards for covered entities and their Business Associates to use to assure the confidentiality, integrity, and availability of electronic protected health information. The HIPAA omnibus final rule narrowed the "conduit exception" for Business Associate agreements. However, it still recognizes courier services such as the USPS, UPS and their electronic equivalents as exceptions to the Business Associate agreement requirement. A key determinant in meeting or not meeting the conduit exception is the "transient versus persistent nature" of the service offered. SendThisFile, Inc. is a secure file transfer service and not a file storage service. This service is transient in nature and therefore meets the conduit exception.

If your firm requires a Business Associates Agreement, please let us know by contacting us at and we will provide our standard Business Associates Agreement for your review. Our Business Associate Agreement is available for our Enterprise level plans.

Compliant File Transfer

If your business has rules and regulations for safeguarding data, a compliant file transfer is a necessity. To discuss your requirements in more detail, contact a product specialist, or start out with a free plan today.