Keeping Your Data Safe: Our Ongoing Commitment to Security

Keeping Your Data Safe: Our Ongoing Commitment to Security

We know security is top of mind for many people today. At Contacto, protecting your information is our highest priority. We want to earn your trust when it comes to keeping your data safe. We’re pleased to share that we’ve renewed our SOC 2 Type 2 certification, which incorporates controls relevant to HIPAA compliance. We’ve also renewed our PCI DSS certification to keep payment information secure.

Validating our security practices

SOC 2 Type 2 Certification

As a Contact center as a service (CCaaS), maintaining trust means stringent security controls on sensitive customer information. This year we renewed our SOC 2 Type 2 certification, which validates our security processes to meet strict industry standards over time. Specific areas covered include:

• Regular communication of changes to customers
• Robust internal access control to production environments
• Thorough system monitoring and ongoing risk assessments
• Reliable disaster recovery, data backup measures, and system availability
• Responsive system and security monitoring and incident response processes
• Effective employee onboarding and termination processes

These controls continue to evolve as we maintain the privacy and security of customer data and perfect our security systems.

HIPAA Compliance: A Shared Responsibility

For healthcare clients, we provide HIPAA business associate agreements (BAA) to ensure the safeguarding of sensitive patient information in line with healthcare regulations. While our SOC 2 report encompasses controls pertinent to HIPAA, achieving full compliance is a shared responsibility, necessitating both Contacto and our clients to diligently uphold their respective roles.

PCI DSS Compliance: A Shared Responsibility

For customers processing credit card payments, we comply with the Payment Card Industry Data Security Standard (PCI DSS) to protect sensitive payment data through encryption, access controls, and regular external auditing. Customers must also use our systems properly when processing payments to maintain PCI compliance.

Security as an ongoing effort

While compliance certifications are important, we don’t view security as just a box to check. Our team is dedicated to continuously strengthening protections through more advanced systems, employee training, and industry best practices. We’ll keep you updated on our progress.

We’re proud of our team’s hard work over the past year, and we’ll continue striving toward more robust security measures and accreditations in the future.

You can read more about our renewed SOC 2 Type 2, PCI  compliance, our security measures, and how we’re continually protecting your data on our security page.

Your security is always our top priority. We appreciate your trust in us.