Frequently Asked Questions and Answers on Social Work Portal Security Processes |
The Social Work Portal is developed with the highest level of security protocols to be used for a wide range of organizations and clients including federal governments, state and local governments, large commercial enterprises, consulting firms and their clients, small & mid-sized businesses, non-profit organizations, agencies, educational institutions, healthcare & medical institutions, insurance companies, financial services firms, and more.
We apply a variety of security methods to ensure that the data you enter into our platform is safe, secure, meets regulatory compliance, and is available only to registered users that you add to your account. This page covers information about Social Work Portal’s data protection and security measures.
Table of Contents
- Social Work Portal Policies and Procedures
- International Regulatory Compliance Standards
- Social Work Portal Application Security
- Non-Disclosure Agreement (NDA)
- Social Work Portal Security (Encryption)
- Our Legal Obligations to Our Customers
- Data Backups
- Data Retention Policy
- Customer Data Privacy and Security
- Unique Credentials Protocols
- Secured Environment and Firewall
- Data Collection and Transmission Protocols
- Legal
- Privacy Policy
- PCI Compliance
- Our Commitment to the GDPR
- Social Work Portal Terms of Use
Social Work Portal Policies and Procedures
Our operational policies ensure that we provide all our Social Work Portal team members with the necessary practices to build upon the strong foundations of their security onboarding. We utilize these policies daily and review them regularly.
Social Work Portal has implemented the following internal policies:
- Information Security Policy
- Access Control Policy
- Backup Policy
- Change Management
- Data Classification Policy
- Data Protection Impact Assessment (DPIA) Policy
- Data Protection Policy
- Data Retention Policy
- Disaster Recovery
- Security Risk Management & Governance
- Third-Party Risk Assessment Process
Application Security
Security is at the forefront of Social Work Portal’s development mindset. We’ve built both internal and external security checkpoints into our application development pipeline.
Our Engineering team embraces the culture of peer-review, ensuring that our coding guidelines are followed and maintained. We validate our deployments with regular ongoing security assessments, conducted with industry-leading external vendors.
We strive to have a long-term architectural vision for our application security that is continuously evolving. As we build new features for our product, we identify reasonable opportunities to further this vision in iterations, while maintaining a conscious security mindset.
Data Backups
At Social Work Portal we use Database replication to keep your data safe in the case of system failure. Full database backups are taken every day, stored on safe locations, and kept for seven days as an electronic copy. In case two or more database nodes would fail concurrently we would have to revert to a backup.
Data backup does not apply to visitor visitations to our sites.
Data Retention Policy
Upon cancelling your account, Social Work Platform will maintain the account data for 60 days after which the account data will be deleted. Where applicable or required by law we will keep the records longer.
For Group Accounts, we will save your project data for 60 days after you have closed out a project. During this 60-day timeframe you can always reactivate the project, and continue working on it.
Customer Data Privacy and Security
Social Work Portal utilizes some of the most advanced technology for Internet security available today.
When you access our site using a supported web browser, Secure Socket Layer (SSL) technology protects your information using both server authentication and data encryption. When you log in and access any page on your account, you will see a small lock icon at the top left section – to the left of the page’s URL – indicating that a secure connection has been established to our server.
Unique Credentials Protocols
Social Work Portal provides each user in your organization with a unique username and password that must be entered each time a user logs in. Social Work Portal issues a session “cookie” only to record encrypted authentication information for the duration of a specific session.
The session “cookie” does not include either the username or password of the user.
Social Work Portal does not use “cookies” to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs.
Secured Environment and Firewall
In addition, Social Work Portal is hosted in a secure server environment that uses a firewall and other advanced technology to prevent interference or access from outside intruders. Customer Data is stored on a primary database server with multiple active clusters for higher availability.
Customer Data is stored on highly redundant carrier-class disk storage and multiple data paths to ensure reliability and performance. Backups are verified for integrity and stored in the same data centers as their instance.
International Standards
Social Work Portal takes the safety of its clients’ data very seriously.
We comply with a number of international standards, including PCI DSS, GDPR, FISMA, ISO/IEC 27001:2005, SAS 70 Type II, SysTrust, and Eu-US and Swiss-US Safe Harbor.
Data Collection and Transmission Protocols
Firewalls are in place exposing only the necessary ports through the internet and between different servers. Intrusion protection system (IPS) software is in place as a second layer of security, which will block access as soon as any suspicious login activity is detected.
Social Work Portal transmits data from the visitor’s browser to our system using HTTPS.
Social Work Portal Security (Encryption)
Data in transit is encrypted using the following protocols and ciphers:
- SSL Protocols
- SSL Ciphers
- Cross-functional data touchpoint protocols
Our Legal Obligations to Our Customers
Social Work Portal is committed to keeping your data private and secure. To this end, we have expressly stated how we will handle your private data.
For a greater understanding of the legal obligations Social Work Portal adheres to regarding data privacy, please refer to our Legal Statements, Privacy Statement, as well as our Terms of Use agreement:
- Legal
- Privacy Policy
- Non-Disclosure Agreement (NDA)
- PCI Compliance
- Our Commitment to the GDPR
- Social Work Portal Terms of Use
As outlined in the Privacy Statement, Social Work Portal does not review, share, distribute, print, or reference your data except as provided in the Social Work Portal Terms of Use, or as may be required by law.
For exact information, please refer to the Privacy Statement, as well as the Terms of Use agreement. These items can be viewed by clicking the relevant links above.
Email us if you have any questions: Contact us.