Home » InboxDone’s Help Center » Virtual Assistant Security, Privacy, & Compliance

Virtual Assistant Security, Privacy, & Compliance

virtual assistant security checklist

Summary:

InboxDone maintains data security through the use of VPNs and password managers that prevent assistants from seeing or storing login credentials. The service assigns two dedicated assistants to each account to ensure continuous coverage and prevent data backlog during absences.

All personnel complete security training and sign legally binding confidentiality agreements as part of the hiring process. Permission to access accounts can be revoked immediately through the central credential system. Assistants are located in the United States, Australia, and Western Europe to meet professional communication standards for clients.

Table of Contents:

How does InboxDone protect the privacy of my email and business data?

InboxDone protects client data through controlled access, secure tools, and strict internal processes. Assistants access accounts using password managers so they never see or store your passwords.

All assistants use VPNs when accessing client systems. This adds an extra layer of protection when working inside email, calendars, CRMs, and help desk tools. Data access is limited to what is required to perform assigned tasks.

Virtual-Assistant-Security-Privacy-Compliance

Are InboxDone virtual assistants trained in data security?

Yes! All InboxDone assistants complete security training as part of the hiring and onboarding process. This includes handling sensitive information, account access protocols, and confidentiality requirements.

Assistants are trained to recognize security risks and follow documented procedures for data handling. These standards are reinforced through ongoing supervision. Security expectations are non-negotiable and monitored continuously.

Will my virtual assistant see my passwords?

No. InboxDone assistants never see or store your passwords. Access is provided through password managers such as LastPass or your preferred alternative.

Assistants log in using shared credentials without visibility into the underlying passwords. This allows secure access while maintaining control on your side. Access can be revoked instantly if needed.

Can InboxDone work with confidential or regulated industries?

InboxDone regularly supports professionals in regulated and confidentiality-sensitive industries such as law, accounting, healthcare administration, and finance.

Workflows are designed to limit exposure and separate sensitive information where necessary. Assistants follow strict guidelines on what can be handled directly and what must be escalated. Additional security tools or agreements can be implemented based on your requirements.

Do InboxDone assistants sign confidentiality or NDA agreements?

Yes, InboxDone assistants are bound by confidentiality agreements as part of their employment. Additional NDAs can be signed if required by your business.

These agreements cover access to client systems, communication content, and internal documentation.

How is access managed if I need to revoke permissions?

Access can be revoked at any time, and removal takes effect immediately. This is handled by:

  • Removing shared credentials or access links
  • Disabling permissions at the account level

Because assistants do not store passwords, access stops as soon as permissions are removed.

If needed, InboxDone can support offboarding by:

  • Completing documentation handover
  • Cleaning up folders, filters, and system access

You remain in control of all accounts and tools.

How does InboxDone ensure consistent service if one assistant is unavailable?

InboxDone assigns two dedicated assistants to every client. This ensures continuity if one assistant is sick, on leave, or transitions off the team.

Work is documented continuously, so either assistant can step in without disruption. This reduces risk and prevents inbox backlog. Clients do not experience coverage gaps or service interruptions.

Where are InboxDone assistants located?

The majority of InboxDone assistants are based in the United States, with additional assistants located in Australia and Western Europe. This supports strong communication and cultural alignment.

All assistants are native English speakers with professional writing experience. Location is selected to support coverage needs and quality standards. InboxDone does not rely on low-cost offshore labor.

How does InboxDone monitor quality and compliance?

InboxDone operates as a managed service rather than a marketplace, with quality and compliance handled centrally through:

  • Ongoing support and supervision for assistants
  • Performance oversight and regular reviews
  • Clear documentation and internal processes

Quality is reinforced through feedback loops and proactive issue resolution, so problems are addressed quickly instead of being pushed to the client. This structure reduces risk and supports long-term reliability.

Is my data used for AI training or shared externally?

InboxDone does not use client data to train public AI models or share it externally. Any AI tools used are applied internally to assist productivity, not to store or redistribute information.

Sensitive content remains private and under client control. Data usage boundaries are respected at all times.

What should I do if I have specific compliance or security requirements?

If you have specific compliance needs, these are discussed during the discovery and onboarding process. InboxDone can adapt workflows, access controls, and tools to meet your requirements.

This may include additional security tools, approval steps, or documentation practices. Clear expectations are established before assistants begin work.

New Client Application: Book Your Discovery Call

Click the button to open up a short new client application form, then choose a day and time for your call with one of our team.

We’ve Explained The How, The What, And The What-Ifs…