Inside TDV - The Data Vault Blog
What Is PRISM Privacy Plus?
Every company faces questions about privacy and security provisions, but records management firms have always been held to a higher standard than most. This is largely due to the sensitivity of the information they help manage, where even the slightest error can have huge implications.
With that in mind, industry-specific certifications have been developed over the years to reassure clients that all necessary precautions are being taken. PRISM Privacy+ is one of the leading third-party programs in the world. To qualify, organizations must establish internal controls designed to meet a specific set of control objectives for preserving information privacy, and have those controls audited by a third party.
However, it’s easy to claim that mantle without further discussion of the underlying compliance requirements. Prospective clients face immense pressure to meet legal regulations, and they need to know vendors satisfy the necessary standards to do business with them.
To maximize the trust generated by working with a Privacy+ certified organization, PRISM has designed its program to comply with all of the following regulatory directives:
- Health Insurance Portability and Accountability Act (HIPAA)
- Payment Card Industry Data Security Standard (PCI DSS)
- The Personal Information Protection and Electronic Documents Act (PIPEDA)
- Gramm-Leach-Bliley Act (GLBA)
- Sarbanes-Oxley Act (SOX)
- Federal Trade Commission (FTC) “Red Flags Rules”
- American Institute of Certified Public Accountants (AICPA) SSAE No. 16
- Family Educational Rights and Privacy Act (FERPA)
- Fair and Accurate Credit Transaction Act (FACTA)
- State-level information security laws (including 201 CMR 17.00)
- European Data Protection Directive
The Data Vault is proud to be one of only 30 records centers (out of over 1,000 worldwide) to meet these stringent criteria, including annual audits to ensure continued practice. Our expert team works hard to provide the very best in confidential practices, and stands ready to customize any information management program to fit unique needs. Contact us today if you’d like to learn more about specific certifications or standards!