The Need for Data Security
Talking about security is typically the antithesis of what a creative company wants to focus on. There is little that seems exciting, inspiring or trendy about security, audits and compliance. But we believe it’s the key (and often missing) ingredient to successfully partnering with businesses in today’s technologically integrated world.
Industry-Leading Commitment to Data Security
At Streamworks, we are dedicated to developing and maintaining secure solutions that evolve with your unique business needs and are committed to partnering with you for your long-term success.
Providing a secure environment is about committing to a set of fundamentals, changing behavior and redefining expectations. Streamworks has a strong commitment to data security and have instilled it into every facet of our production environment. We are proud to be industry-leading in our commitment to on-going training, development and implementation of enhanced security measures and testing of our processes.
Our Information Security Program:
ISO 27002 International Standards - Streamworks has adopted the ISO 27002 international standard as the basis for our information security program. Our risk-based information security program consists of administrative, technical and physical controls to ensure the confidentiality, integrity and availability of data is maintained.
Security Awareness Training - We recognize that our employees are the first and best line of defense for protecting client data. All employees are made aware of their responsibilities and roles regarding the security of client data and our environment through ongoing security awareness training.
AT 101 SOC2 Type 2– Streamworks conducts annual SOC2 audits of our entire organization against the Security, Availability, Processing Integrity and Confidentiality principles.
- Security The security principle refers to the protection of the system resources through logical and physical access control measures in order to support the achievement of management’s commitments and requirements related to security, availability, processing integrity, and confidentiality.
- Availability The availability principle refers to the accessibility to the system, products, or services as advertised or committed by contract, service-level, or other agreements.
- Processing Integrity The processing integrity principle refers to the completeness, accuracy, validity, timeliness, and authorization of system processing
- Confidentiality The confidentiality principle addresses the system’s ability to protect information designated as confidential in accordance with the organization’s commitments and requirements through its final disposition and removal from the system.
Health Insurance Portability & Accountability Act (HIPAA) - Streamworks has implemented the necessary controls to enable compliance with the requirements as noted in the HIPAA/HITECH Security Rule and Breach Notification Rule. Our approach to HIPAA compliance allows us to handle our client’s needs without invalidating their own HIPAA compliance efforts.
PCI DSS - Streamworks is compliant with the Payment Card Industry Data Security Standard (PCI DSS), ensuring that we accept, process, store or transmit credit card information in a secure environment.