SECURITY STATEMENT

SECURITY STATEMENT

Revised March 23, 2017

Calibrum provides a security statement with a promise to protect your data and adhere to industry standards.

Data security is very important to us at Calibrum. Many of our clients demand the highest levels of data security and have tested our system to be sure it meets their standards. In each case, we have surpassed expectations and received high praise from elite companies.

Calibrum’ most important concern is the protection and reliability of customer data. Our servers are protected by high-end firewall systems, and vulnerability scans are performed regularly. Complete penetration tests are performed yearly. All services have quick failover points and redundant hardware, and complete backups are performed nightly.

Calibrum uses Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data. We also protect surveys with passwords and HTTP referrer checking. Our data is hosted by third party data centers that are SSAE-16 SOC II certified. All data at rest are encrypted, and data on deprecated hard drives are destroyed by U.S. DOD methods and delivered to a third-party data destruction service.

Calibrum deploys the general requirements set forth by many Federal Acts including the FISMA Act of 2002. We meet or exceed the minimum requirements as outlined in FIPS Publication 200.

HIPAA Statement: With some restrictions, Calibrum may be designated as a Business Associate when the Calibrum BA Agreement is signed with a Covered Entity—those organizations that are required to comply with HIPAA privacy rules. All client data are considered confidential, and treated as such, with no specific designation (such as medical (PHI), PII, or public). Therefore there is a duty of care that Calibrum must have with PII data.

Related to HIPAA, HITECH (Health Information Technology for Economic and Clinical Health Act) are updated assessment rules to ensure that data are properly protected and best security practices followed. By using secure and certified data centers, Calibrum ensures the highest protection and testing as per HITECH requirements.

Rest assured, your data is safe with Calibrum.

Questions regarding this statement may be sent to support@calibrum.com.