At ServicePower, customer trust is our top priority.

We deliver services to many active clients and their end customers, including enterprises, and small/medium sized business in over 11 countries. Our customers include insurance carriers, financial services providers, healthcare service providers, manufacturers, retailers, and technical service providers, who trust us with their end customers personal information. We know customers care deeply about privacy and data security, that’s why ServicePower has implemented policies, standards, controls, procedures and systems to secure this content in transit or at rest. We also implement responsible and sophisticated technical and physical controls designed to prevent unauthorized access to or disclosure of customer content. Maintaining customer trust is an ongoing commitment, we strive to inform customers of the privacy and data security policies, practices and technologies we’ve put in place.


ServicePower platform is developed and deployed on Amazon Web Services (AWS) that allows us to benefit from the leverage security, scale, and performance of the AWS Cloud. Amazon goes above and beyond to meet the rigorous privacy and compliance standards for data safety, privacy, and security and ServicePower leverages AWS compliance to enable a more nimble and agile method of delivering our services to our customers. Click here to read about AWS compliance.


cloud-security-alliance

pci_ssc_participating_org

SOC Logo SOC Logo SOC Logo

In addition, to support the claims that ServicePower technology provides a secure solution to our clients, we partner with Coalfire, an independent cyber risk management and compliance organization, for advisory, and compliance, technical testing, security audits and assessment of the ServicePower platform for the following: 

  • AICPA SOC 1 Audit Controls Report for ServicePower’s Systems and the Suitability of the Design of Controls.
  • HIPAA Privacy and Security Rule Services audit assess the controls in place to satisfy the requirements of the HIPAA Security Rule, as well as the requirements of the Breach Notification Rule as formalized by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 and the Omnibus Rule of 2013.
  • ServicePower Platform Penetration and Security Testing is aimed against the ServicePower environment to proactively discover flaws, weaknesses, and vulnerabilities. The objective of this service was to identify and safely exploit vulnerabilities which could lead to critical infrastructure service interruption, destruction of facilities or compromise of sensitive systems and data.

ServicePower also complies with a number of laws and regulations related to personal data privacy including:


UK DPA

United Kingdom Data Protection Act 1998

 

EU Model Clauses

European Union Model Clauses

HIPAA and HITECH
Health Insurance Portability and Accountability Act of 1996 & Health Information Technology for Economic and Clinical Health (HITECH) Act

GDPREU General Data Protection Regulation


coalfire penetration testingCompliance is an on-going process, and ServicePower is committed to continued compliance through  regular review of our internal policies, standards, controls, procedures and technological assessments as our organization grows and our technology evolves.

If you are looking for additional certifications or reports, please contact us.

 Request a Report