|Data Protection Policy
In the course of business, Employment Advisory Services, Inc. (“EASI”) obtains employee data from its clients which are necessary in order for our firm to effectively deliver consulting services, including delivery of client reports. EASI is committed to protecting the confidentiality of the data provided to us by our clients, and recognizes the importance of protecting the confidentiality of employee data. Accordingly, EASI has implemented the following data protection policy and procedures.
I. Data Center Physical Security
The facility that houses EASI’s data center is controlled and monitored 24 hours a day by an outside security company. The EASI data center itself is housed in a secure room within that facility, accessible only to key-authorized staff. During nonbusiness hours, access to the building, floor and suite are controlled and monitored by security personnel and electronic alarms.
II. Data Transfer to EASI
The manner of transfer of client data to EASI, and of reports from EASI to the client, is dictated by the client. EASI makes every effort to meet the client’s specifications in this regard.
III. Data Security Controls
EASI will not rent, sell, share, transfer, or otherwise disclose client data to anyone outside of EASI other than the authorized representatives of the EASI client who provided that information. Each EASI client’s data are maintained separately from other EASI client data. Access to each client’s data is restricted through the use of networking and computer access controls. Access to a client’s data is limited only to those EASI personnel authorized to work on the data. None of the EASI computers that hold raw and production client data are accessible via the web.