Privacy Overview -- Ensuring compliance with global privacy laws and data protection standards
At ASC Networks Inc. (ASC), protecting and ensuring the privacy and security of our customers' data is of highest priority. Our enterprise grade privacy program, secure data management infrastructure and flexible tools provide the foundation for the essential trust we establish and nurture with our customers.
In addition, our industry-leading contract lifecycle management (CLM) software, document management, form management and pricing & quoting lifecycle solutions are flexibly configured and enhanced to enable our customers' unique business requirements and to help ensure compliance with global privacy regulations and data protection standards.
Global Privacy Laws
There are many global laws and frameworks governing the use of personal data or information, including:
- Healthcare Insurance Portability and Accountability Act of 1996 (HIPAA)
- Financial Modernization Act of 1999 or Gramm-Leach-Bliley Act (GLB)
- State level data privacy breach notification laws
- Personal Information Protection and Electronic Documents Act of 2000 (PIPEDA)
- Provincial level privacy laws affecting both public and private sectors
- Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (EU Data Protection Directive)
- Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications (EU E-Privacy Directive)
- Japan Law on Protection of Personal Information of 2003
- Asia-Pacific Economic Cooperation (APEC) Privacy Framework
Common Privacy Criteria
The laws vary greatly country to country and region to region, but there are a number of common criteria involved in defining those laws and frameworks:
- The level and type of information that must be provided to individuals about how and with whom their data may be shared as well as when and how they are informed of same.
- Individual choice about what information is collected about them and how this information is to be used.
- Individual access to information as well as options to request that their information be edited or deleted.
- Necessary security measures for the handling and protection of personal information such as administrative, technical and physical safety measures.
Customer Defined Data Collection
With ASC's contract management solutions and other data management solutions, customers define the level and type of data that is collected in their tailored solutions.
ASC Data Privacy and Security Measures
ASC solutions provide the mechanism to automate the creation, attachment, storage, management and administration of the data and documentation; intuitively search and report on all data; set custom notifications to flag alerts and milestones; and business rule-based approvals workflows. In doing so, ASC solutions help ensure that our customers comply with all necessary data privacy laws and regulations as pertain to the customers country/regional requirements as well as their industry standards and regulations. This includes the privacy criteria mentioned in the section above.
Furthermore, ASC does not collect personal data on behalf of our customers nor do we have access to customer data in the solutions deployed for our customers (except under unique and limited circumstances). ASC also maintains the highest industry standards as pertains to administrative, physical and technical data safeguards to help protect customer data security, confidentiality and integrity. ASC's customers are responsible for ensuring their customer data security in their use of their deployed service.
For more information about ASC's advanced data privacy and data security measures, please contact us.