Trust Center

Committed to security and compliance standards.

Customer trust is our top priority.

We deliver services to many active clients and their end customers, including enterprises, and small/medium-sized businesses in over 11 countries. Our customers include insurance carriers, financial services providers, healthcare service providers, manufacturers, retailers, and technical service providers, who trust us with their end customers' personal information. We know customers care deeply about privacy and data security, that’s why ServicePower has implemented policies, standards, controls, procedures, and systems to secure this content in transit or at rest. We also implement responsible and sophisticated technical and physical controls designed to prevent unauthorized access to or disclosure of customer content. Maintaining customer trust is an ongoing commitment, we strive to inform customers of the privacy and data security policies, practices and technologies we’ve put in place.

 

ServicePower's platform is developed and deployed on the Amazon Web Services (AWS) Cloud, which allows us to seamlessly benefit from the security, scale, and performance provided by the AWS Cloud. Amazon goes above and beyond to meet rigorous privacy and compliance standards for data safety, privacy and security. ServicePower leverages AWS compliance to enable a more nimble and agile method of delivering our services to our customers. Click here to read about AWS compliance.

Untitled design (9)
 

In addition, to support the claims that ServicePower technology provides a secure solution to our clients, we partner with Coalfire, an independent cyber risk management and compliance organization, for advisory, and compliance, technical testing, security audits and assessment of the ServicePower platform for the following: 

  • AICPA SOC 1 Audit Controls Report for ServicePower’s Systems and the Suitability of the Design of Controls.
  • HIPAA Privacy and Security Rule Services audit assess the controls in place to satisfy the requirements of the HIPAA Security Rule, as well as the requirements of the Breach Notification Rule as formalized by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 and the Omnibus Rule of 2013.
  • ServicePower Platform Penetration and Security Testing is aimed against the ServicePower environment to proactively discover flaws, weaknesses, and vulnerabilities. The objective of this service was to identify and safely exploit vulnerabilities that could lead to critical infrastructure service interruption, destruction of facilities or compromise of sensitive systems and data.

ServicePower also complies with a number of laws and regulations related to personal data privacy including:

Untitled design (10)

United Kingdom Data Protection Act 1998

eu com

European Union Model Clauses

 

gdpr

EU General Data Protection Regulation

hipaa_blue

Health Insurance Portability & Accountability Act of 1996

& 

Health Information Technology for Economic and Clinical Health Act

 

Compliance is an ongoing process. 

ServicePower is committed to continued compliance through  regular review of our internal policies, standards, controls, procedures and technological assessments as our organization grows and our technology evolves.

Coalfire_LinkedIn_Card

Request Report

If you are looking for additional certifications or compliance reports please contact us for a report.

Contact Us