Is Storing Documents in the eFOB Platform Secure? 

Yes, provided that the platform we choose operates in accordance with certified security processes. The eFOB Platform complies with ISO 27001:2022. It uses two-layer document encryption, full action audits, and backups in European data centers. This ensures that digital personnel files are protected in accordance with GDPR and remain resistant to deletions, errors, and ransomware attacks. This article explains why the eFOB personnel file is one of the most secure and transparent eFile systems on the market today. 

What Makes the eFOB Platform Stand Out? Key Security Features of Digital Personnel Files 

The eFOB Platform is a secure system for managing digital personnel files, designed in accordance with ISO 27001:2022. All data is encrypted during transmission and storage, and user access is controlled by a precise role model and full action audits. 

The system operates in European Microsoft Azure data centers and uses multi-layer backups to protect documents from loss, user errors, and ransomware attacks. 

The platform manages the entire lifecycle of HR documentation: from adding a document, through saving subsequent versions and change history, to long-term, compliant storage. This ensures a stable, GDPR-compliant environment that allows for the recovery of every operation. The result is a guarantee of confidentiality, integrity, and accountability of personal data.

Accountability means the ability to verify who, when, and what was done with a document. 

Every operation—opening, downloading, modifying, or deleting—is recorded, allowing the full history of data processing to be reconstructed at any time and GDPR compliance to be confirmed. 

What Makes the eFOB Platform Secure? 

ISO 27001:2022 standard, RSA4096/TLS encryption, backups in two European data centers, and full user action accountability. 

Is the eFOB Platform GDPR Compliant? 

Yes. The system meets the requirements of Articles 5 and 32 of GDPR, applying security procedures in line with ISO 27001 and personal data protection principles. 

Does eFOB Meet Security Requirements for Digital Personnel Files? 

Yes. eFOB uses encryption, environment segmentation, access control, and current ISO 27001 standards for digital personnel files. 

How Are Documents Secured in the eFOB Platform? 

Each document is encrypted, virus-scanned, and stored in multiple locations within the Azure infrastructure. 

How Does eFOB Protect Data from Loss? 

eFOB protects data from loss by applying the 3-2-1 rule: maintaining three copies of data on at least two independent media, with one copy stored outside the main system location. 

Where Is the Data Stored? 

In European Microsoft Azure data centers, in compliance with GDPR. 

What Is a Digital Personnel File? 

It is an electronic employee file that collects all documents in one place and records the complete history of changes. Thanks to audits and built-in security measures, it protects personal data at every stage.

What Is an Employee eFile, and Is It Secure? Key Information About Digital Personnel Files 

An Employee eFile is a digital employee file that enables secure storage and management of HR documentation online. Digital personnel files contain particularly sensitive data—such as identity, employment, salary, or health information—so their protection requires the highest security standards. 

The eFOB Platform is designed to provide full resilience to threats in a digital environment. The system uses data encryption, multi-layer backups, access control, user action audits, and mechanisms compliant with the ISO 27001:2022 standard. 

The platform processes personal data in accordance with GDPR principles—minimization, confidentiality, integrity, and accountability. It meets the requirements of Articles 5 and 32 of GDPR, combining technical measures (encryption, access control, backups) with organizational solutions: authorizations, incident handling procedures, and regular security audits. This ensures full transparency and accountability for all document operations.

What Is ISO 27001:2022, and What Does It Change for the eFOB Platform? 

ISO 27001:2022 is the most important international information security management standard. Its latest version introduces a number of requirements that are crucial for the security of the eFOB Platform. Compared to the 2013 version, the standard is enriched with: 

• • Cloud environment security, 
  • Supply chain protection (integration and subcontractors), 
  • Mandatory ransomware threat analysis, 
  • Enhanced incident detection and handling procedures, 
  • Full risk management throughout the data lifecycle. 

Most importantly, eFOB holds current ISO 27001:2022 certification and operates according to processes that are regularly audited. This means that the security of the eFOB Platform is not just a declaration but a confirmed, documented standard of data protection. 

How Does eFOB Encrypt Data and Secure Communication? 

Key fact: All connections to the eFOB Platform are encrypted. This is a fundamental element of digital personnel file security. 

This means that: 

• • Data transmission takes place via the TLS protocol (Transport Layer Security), 
  • All communication is protected against modification and unauthorized access. 

This ensures the secure transfer of documents and employee data in an online environment. 

How Does the eFOB Platform Store and Protect Documents? (Data Encryption “At Rest”) 

All documents in the eFOB Platform are encrypted during storage. The system applies a double layer of protection: 

• • Encryption at the Microsoft Azure infrastructure level,
  • Encryption at the eFOB Platform level, where each document receives its own individual key. 

This ensures that even in the event of physical access to disks or infrastructure, the data remains completely unreadable and useless to unauthorized persons. 

Why Are Documents in the eFOB Platform Stored in PDF Format, and What Does the PDF/A Standard Provide? 

The eFOB Platform stores documents in PDF format because it is the most universal and stable format for sharing, viewing, and storing HR files for many years. 

To ensure that documents remain readable, complete, and consistent with the original even after 5, 10, or 50 years, we recommend using the PDF/A standard—a special version of PDF designed for long-term archiving. 

What Is PDF/A? 

PDF/A is a special, standardized variant of the PDF format designed for long-term document storage. Its purpose is to ensure that the file remains readable and identical regardless of the passage of time, the software used, or the operating system. 

To achieve this, PDF/A excludes elements that could prevent the document from opening correctly in the future, including: 

• • External fonts, 
  • Scripts and dynamic elements, 
  • Multimedia, 
  • Any external dependencies. 

All content—text, images, fonts, and metadata—must be embedded in the file itself. 

This ensures the durability and immutability of the document: the file will look the same after 5, 10, or 50 years, regardless of the device and program used to open it. 

More About PDF/A 

Official information about the PDF/A standard can be found here: 

• • PDF Association (ISO 19005-1): https://pdfa.org/resource/iso-19005-1-pdf-a-1 
  • Library of Congress – PDF/A format description: https://www.loc.gov/preservation/digital/formats/fdd/fdd000318.shtml 

PDF/A Standard Family 

• • ISO 19005-1:2005 (PDF/A-1) – based on PDF 1.4. 
  • ISO 19005-2:2011 (PDF/A-2) – based on PDF 1.7 (ISO 32000-1), introduces newer PDF features. 
  • ISO 19005-3:2012 (PDF/A-3) – allows attachments, such as XML or CSV files. 
  • ISO 19005-4:2020 (PDF/A-4) – based on PDF 2.0 (ISO 32000-2); this is the latest PDF/A standard. 

Why Is PDF/A Important for Digital Personnel Files? 

In HR documents—such as contracts, certificates, or forms—it is crucial that files: 

• • Remain readable and identical even after many years, 
  • Retain layout, fonts, structure, and metadata, 
  • Allow text search, 
  • Do not require special or outdated software to open, 
  • Are independent of external resources (fonts, scripts, multimedia), which translates into their durability and resistance to the passage of time. 

The PDF/A standard meets all these requirements. This ensures that documents in the eFOB Platform can be safely stored for decades without the risk of losing readability or compliance with the original. 

How Do eFOB Platform Backups Work? 

eFOB uses redundant backups on independent media and in separate locations, protecting digital personnel files from loss, failure, and ransomware attacks. 

File and Database Backups: 

• • 3 copies in different regions of the main data center, 
  • 2 different types of media used for storage, 
  • 1 additional copy in a second data center, 
  • Full history of document versions, 
  • Storage for 30 days. 

Most importantly: durability at the level of “11 nines.” 

This means that the probability of losing a single document is practically zero. This is one of the highest levels of data durability used in modern cloud services. 

Did You Know? What Does “11 Nines” Durability Mean? 

This is shorthand for 99.999999999% data durability (11 digits of “9”). It refers to how small the probability of file loss is. 

In Practice: 

• • This means that a document practically cannot be lost, 
  • The risk of losing one copy is about 1 in 10 billion (for comparison, the probability of winning the lottery is 1 in 86 million), 
  • This is the standard used by leading cloud providers (e.g., Microsoft Azure, Amazon S3). 

How Do Roles and Permissions Work in the eFOB Platform? 

In eFOB, each user is assigned a specific role, such as: 

• • Company owner, 
  • Administrator, 
  • HR department, 
  • Employee. 

Each role has precisely defined permissions, ensuring that access to documents is limited only to those who truly need it. This access control model implements the “least privilege” principle required by GDPR. 

The system additionally records all user actions, ensuring full accountability and transparency of operations performed in the eFOB Platform. 

How Does eFOB Protect Digital Personnel Files from Loss and User Errors? 

eFOB applies several layers of security to protect documents from accidental deletion, overwriting, or unauthorized actions. The most important mechanisms include: 

• • Document version history (document versioning) – every change is saved, and previous versions can be easily restored, 
  • Trash and instant recovery – deleted files can be restored in seconds, 
  • Blocking suspicious sessions – the system automatically stops unusual or risky actions, 
  • File scanning when adding – protection against malicious or corrupted documents, 
  • Automatic retention rules – documents are stored in accordance with regulations and HR policy. 

Most importantly: document recovery in eFOB takes literally seconds, ensuring that the HR department’s work remains safe and uninterrupted.

What Does the Security of the Personnel File Digitization Process Look Like? 

Secure digitization of personnel files is a multi-stage process in which every step must protect employee data. In eFOB, this includes: 

• • Receiving files with sealing, 
  • Secured document transport, 
  • Scanning in accordance with technical requirements for HR documentation, 
  • OCR and indexing performed only by authorized personnel, 
  • Data transfer protocols between teams, 
  • Permanent, secure deletion of working copies after the process is completed. 

The entire digitization process is carried out in accordance with GDPR and the security procedures described in ISO 27001, ensuring full protection of personal data at every stage. 

Table: Key Security Features of the eFOB Platform 

FAQ – Frequently Asked Questions About the Security of the eFOB Platform

Does eFOB Meet Security Requirements for Digital Personnel Files?

Yes. The system operates in accordance with the ISO 27001:2022 standard and uses proven Microsoft Azure security mechanisms.

2. Where Is the Data Stored?

In European Azure data centers, in compliance with GDPR.

3. Are Documents Encrypted?

Yes. Data is encrypted both in transit (TLS) and at rest—each document has its own key.

4. Can a Deleted Document Be Recovered?

Yes. The system offers trash, version history, and instant recovery.

5. Is eFOB Resistant to Ransomware?

Yes. Thanks to antivirus scanning, version history, and multi-layer backups.

6. Does eFOB Audit User Actions?

Yes. Every operation is recorded, ensuring full accountability.

7. How Often Are Backups Performed?

Daily.

8. Do HRobots Employees Have Access to Client Data?

No. Access is strictly limited to service processes and supervised by ISO 27001 controls.

9. Does the eFOB Platform Meet GDPR Requirements?

Yes. The system applies technical and organizational protection measures required by GDPR, including data encryption, access control, operation logging, risk analysis, and incident handling procedures.

Key Facts About the Security of the eFOB Platform 

• Transmission encryption (TLS 1.2+) and GeoTrust RSA4096 SHA256 SSL certificate – protection of data “in transit” against interception and modification. 

• Double encryption of data “at rest” (Azure + eFOB keys) – full protection of documents stored in the eFOB Platform. 

• Multi-layer backups – protection against data loss. eFOB applies the 3-2-1 rule, ensuring three copies of data on at least two independent media, with one copy stored outside the main system location. 

• ISO 27001:2022 certification – confirmed, audited information security processes. 

• Compliance with GDPR (Articles 5 and 32) – technical and organizational measures meet personal data protection requirements. 

• Data processed exclusively in European Microsoft Azure data centers – compliance with data location and EU regulations. 

• Full history of document versions and changes – ability to restore previous versions and full accountability of operations. 

• Audit of every user action – tracking access and actions for security and GDPR compliance. 

• Antivirus scanning when adding files – protection against malicious documents and ransomware. 

• Protection against unauthorized access – role control, blocking suspicious sessions, and granular permissions. 

 Checklist: What Must a Secure eFile Have? 

[✓] Data encryption – both during transmission and at rest 

[✓] Multi-layer backups – resilience to failures and ransomware 

[✓] Version history and full action audit 

[✓] Granular user roles and permissions 

[✓] Security incident handling procedures 

[✓] Environment segmentation and data separation 

[✓] European data centers (Azure) 

[✓] ISO 27001:2022 certification 

[✓] Compliance with GDPR (Articles 5 and 32) 

eFOB meets all these requirements. 

Summary: Why Is the eFOB Platform a Secure Digital Personnel File? 

The security of eFOB is not limited to technology alone. It is a comprehensive, multi-layer protection system that includes: Azure infrastructure, data encryption, processes compliant with ISO 27001:2022, access control, full action audits, backups, and secure document digitization. 

This ensures a stable and fully GDPR-compliant environment for managing digital personnel files. Organizations can safely transfer all HR documentation to the eFOB Platform without compromises and without the risk of data loss—while also avoiding hidden costs, time, and burdens associated with paper archives. 

Combining GDPR requirements with ISO 27001:2022 security procedures guarantees confidentiality, integrity, and accountability in the processing of employee data at every stage—from digitization, through storage, to the daily work of the HR department.