The security of your data is important to you, your customers/donors, and to us. That’s why we take pride in our security credentials. Check out the details for each measure below. (Disclaimer: Despite our best efforts, there is some boring corporate jargon ahead. Contact us if you’d like to learn about our credentials from a real person.)
Audits & Credentials
SOC II TYPE 2 AUDITED
The SOC II audit is meant to ensure that we have controls and processes in place to safeguard your equipment and data. This professional audit happens annually and looks at:
• Security • Process integrity
• Availability • Confidentiality
The Federal Financial Institutions Examination Council (FFIEC) performs periodic exams at our Grand Rapids and Lansing facilities. The FFIEC is responsible for creating the principles, standards, and report forms for federal exams of banks and credit unions by agencies like the FDIC and the NCUA. FFIEC exams focus on physical and electronic data security, as well as overall company stability with respect to financial health and management processes and structure. (Blech. See what we mean by corporate jargon?)
HIPAA AND HITECH COMPLIANT
Our staff is trained annually on the steps necessary to protect sensitive medical data as defined by HIPAA / HITECH laws.
Both of our facilities have multi-level security points, as well as 24-hour closed circuit surveillance with card scanner access into sensitive areas. These areas are only accessible by authorized and security-cleared individuals. Visitors are required to check-in and are escorted by an employee at all times.
We use state-of-the-art encryption technology; SSL certificates and three-tiered firewall protection. We safeguard your data by following the Gramm-Leach-Bliley and the Fair Credit Reporting Acts.
EMPLOYEE SCREENING PROCEDURE
All job candidates (new hires) are prescreened using a strict criteria. This includes (1) SSN verification and an address history look-up, (2) seven-year national criminal database search, (3) seven-year county courthouse search for felonies and misdemeanors (last three counties of residence), and (4) national sex offender registry check.
In addition to generator backup in case of an outage, our facilities (located 70 miles apart) serve as mutual backup to one another.
Our Document Reliability System (DRS) is key to ensuring quality in the print and mail process. It quickly identifies doubles, missing documents or insertion errors mid-stream without compromising the production process or audit trail. Mail does not leave our facility until all pieces are accounted for.
We use a 2D Bar Code on every document to ensure a match between the pieces in a statement mailing, including all pages and the envelope. A scan of the small code pairs all documents and provides data for audit and tracking reports.