Privacy+ Certification is administered by Professional Records and Information Services Management International (PRISM), a trade association for commercial information management companies. Only companies that meet or exceed the highest standards for information protection are awarded the Privacy+ Certification. Internal privacy controls are verified every two years by a third-party auditor to verify compliance with PRISM’s Privacy+ Certification program.
Here are several ways Privacy+ Certification offers the highest level of protection for your information and ensures regulatory compliance for your business.
RIM providers protect business records and data that contain confidential information, ranging from corporate trade secrets to Personally Identifiable Information (PII). To achieve Privacy+ Certification, RIM service providers must follow organizational structures with clearly defined employee roles and responsibilities. Strong manager oversight of staff ensures that employees comply with information management and privacy protection policies in a uniform way whenever records and data are handled, transferred, or destroyed.
You need to have complete trust in your RIM provider. A Privacy+ Certification gives you peace of mind that your information will be protected from unauthorized access at all times. Once a thorough risk assessment of your records is done, it is used to create a threat mitigation plan for your company. The following security measures control physical access to the facilities and vehicles used to pick up and transport your information:
- Entry point access control
- Motion sensors
- Intrusion alarms
- Security video monitoring and recording
All delivery vehicles feature GPS tracking and are equipped with cargo areas that have dual-key, automatic locks. Pre-employment screening is performed on all employees, including criminal, credit and reference checks. Employees are also required to sign confidentiality agreements.
Protection from environmental risks
A Privacy+ Certified provider uses facilities equipped with technology systems that minimize environmental threats. Risk assessments include evaluating protection against fire, flood and other natural disasters. For example, a professional records centre operated by a Privacy+ Certified RIM provider will feature:
- In-rack sprinklers
- Smoke, heat and fire detectors
- Central alarm monitoring
Information and network security
You need a RIM provider who can guarantee you the online information access you need without the danger of hacking, viruses and the cyber attacks which are now commonplace. A Privacy+ Certified provider allows its clients to manage, record and track their information, while implementing security practices to prevent unauthorized access to applications, networks and operating systems that contain your data.
A range of security measures are used to protect your digital information:
- Quarterly external vulnerability scans
- Formal user registration and de-registration procedures
- Firewalls, anti-virus, and anti-malware utilities
Privacy+ Certification ensures that the company you trust with your sensitive information is doing everything it can to protect the privacy of that information.
FileBank is a Privacy+ Certified records and information management provider that serves all of Canada. For more information about our services, please contact us by phone or complete the form on this page.