OUR EDGE

Data Security: Security for clients who wish to be 100% confident that their confidential data is protected.

As users and holders of client data, we understand the seriousness of our responsibility to protect client and consumer data and to ensure compliance with all federal and state regulatory mandates as well as our clients’ security requirements. The ACSI Edge offers multi-level security for clients who wish to know that their confidential data is protected and controls are in place to do just that:

Security compliance is complex and covers a broad range of activities, including information (financial, healthcare, personnel, and so forth), physical (facilities, work areas, and so forth), systems (networks, servers, and so forth), and regulatory governance (FISMA, HIPAA, and so forth). Non-compliance with any of these complex security compliance requirements has several ramifications that affect a number of stakeholders — ACSI, our clients and their consumers, and regulatory bodies. ACSI has therefore taken several steps to ensure broad comprehensive security compliance and certification that include:

R

PCI Compliant

R

Red Flag Rule

R

FISMA

R

HIPAA/HITECH

R

Nevada NRS 603a

R

Massachusetts 201 CMR 17.

R

CFPB Readiness

R

HITRUST CSF

R

SSAE-16 Type II (SOC 1) audit

R

Biannual internal and external PEN testing by 3rd party auditor

R

Monthly Network Scans

R

Risk Assessment and Treatment

R

Security Policies

R

Organization of Information Security

R

Asset Management

R

Human Resources Security

R

Physical and Environmental Security

R

Access Control

R

Information Security Incident Management

R

Business Continuity Management

R

TECH LOCK® Certified Program