Broker
Employer
Employee
Security
UZIO is an ISO/IEC 27001:2013 certified organization and is also SOC 1 Type 2 & SOC 2 Type 2 attested.
The core of information security is information assurance, the act of maintaining the confidentiality, integrity and availability of information, ensuring that information is not compromised in any way when critical issues arise.
DATA RELIABILITY
- Data Centers are managed by Amazon over its cloud. Data Centers are located in multiple zones across the US.
- Daily Backups are scheduled for critical resources/data and are archived as per HIPAA Standards
- The Data Center backups provide up to 99.99% reliability
INFORMATION SECURITY & MONITORING
- Controls are designed as per NIST 800-66 (HIPAA Security Rule). SOC 1 & SOC 2 Type-2 audits and external penetration tests are performed annually
- Vulnerability assessments are performed half-yearly
- Application security scans happens along with each penetration test
- Firewall over private ISP for limited access of internet and other tools in the office premises
ACCESS CONTROLS
- Access to sensitive client resources are tightly bound with physical and logical security controls
- Separate area (cleanroom) is allocated for accessing such resources
DATA OWNERSHIP
Data provided by customers is kept safe with multiple security layers. If a customer wishes to leave UZIO, then upon request, all the data and account information or any other reference can be deleted within 30 business days. Snapshot of final data before deletion (in some export files) can also be shared upon request.