Your Assets are in Good Hands.
Your customer lists and databases are valuable assets. Your commitment to the privacy and preferences of your customers is a legal agreement. As partners with you in managing these assets and complying with your commitments, we are consistently engaged in the training, expertise, and certifications required by the industry. We are proud to be SOC 2, HIPAA and American Express Vendor certified and we are prepared to discuss your compliance requirements at any time. For more information on the individual certifications please select from the items below.
Security and Organizational Control for Risk Mitigation
What is a SOC 2 Report?
There are three types of SOC reports. SOC 2 is a System and Organization Control 2 report, which demonstrates that an organization has the necessary controls in place to mitigate risks for the services it provides.
Many companies outsource their IT infrastructure to service organizations like data centers and cloud hosting providers (e.g., Amazon Web Services).
Service organizations will obtain a SOC 2 report in an effort to demonstrate to clients and stakeholders that they have certain controls in place to adequately protect client servers and sensitive data, and to mitigate risks associated with security, confidentiality, processing integrity, and privacy.
How Does This Benefit Customers?
A SOC 2 report provides a higher level of assurance that a service organization has the right procedures and controls in place to provide constant and reliable services when performing critical operations.
SOC 2 designations also ensure that an organization’s controls are appropriately designed and operating effectively to mitigate risks like cyber attacks or data breaches.
All In One Direct Marketing Solutions has obtained a SOC 2 report so that we may better serve our clients’ needs while demonstrating compliance with their information security policies and procedures.
SOC 2 COMPLIANCE
Information security is important for all organizations, including those that outsource key business processes to third-party vendors (such as direct marketing and technology providers). Rightfully so, since mishandled data can leave enterprises vulnerable to risks, such as data theft, extortion, and malware installation. SOC 2 is an auditing framework that ensures your service providers securely manage your data to protect the interests of your organization and its clients.
SOC 2 CERTIFICATION
SOC 2 certification is issued by outside auditors. They assess the extent to which a vendor complies with one or more of the five trust principles based on the systems and processes in place.
All In One Direct Marketing Solutions’s SOC 2 audit addresses the security principle. The security principle refers to protection of system resources against unauthorized access. Access controls help prevent potential system abuse, theft or unauthorized removal of data, misuse of software, and improper alteration or disclosure of information.
WHAT DOES IT MEAN FOR YOU?
All In One Direct Marketing Solutions’s SOC 2 audit means that an external auditor performs tests and provides an independent opinion about our system. We undergo annual audits to ensure the requirements of the security trust principle are met and that we remain SOC 2 compliant. This is one of the many ways that we demonstrate how seriously we take security for our business and our customers.
Health Insurance Portability and Accountability Act
The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance. Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment, or operations) must meet HIPAA Compliance. Other entities, such as subcontractors and any other related business associates, must also be in compliance.
As an American Express Approved Vendor, we have met the requirements of obtaining data under the scrutiny of American Express based on their review of our facilities and data processing techniques.