WSA’s Security Commitment to our Clients:
Workforce Science Associates and its leadership team prioritize the security and privacy of our clients’ data above all else. WSA provides consulting and project management services to our clients. We have multiple controls in place to safeguard against unauthorized access to any records or data that could result in harm or inconvenience to our stakeholders. This document outlines our commitment to maintaining robust data security measures in our partnerships. By adhering to these guidelines, we ensure the protection of sensitive information, foster trust, and uphold our reputation as a reliable and secure business partner.
Data and Privacy Protection:
- Our security and privacy measures are designed to protect information or communication exchanges as part of a service and to maintain the availability of such content pursuant to the applicable statement of work.
- Client data is encrypted in transit and at rest in our systems.
- We document the sanitizing of all physical media intended for reuse prior to reuse, and the destruction of physical media not intended for reuse.
WSA Employee Access Control:
- We implement strong user authentication and authorization mechanisms to ensure that only authorized personnel can have access to data.
- We enforce the principle of least privilege, granting access only when necessary and revoking access promptly upon role changes or termination.
Incident Response:
- We have an incident response plan outlining procedures for handling data breaches or security incidents, including escalation processes and notification requirements.
Vendor Management:
- We require vendors to sign a non-disclosure agreement to ensure the confidentiality and safety of your information and ours.
Personnel Security Policies:
- All WSA employees complete security and privacy education annually to comply with our ethical business conduct, confidentiality, and security policies.
- Our leadership team reviews and updates our security policies at least annually and amends those policies as applicable.
- We periodically review our employment requirements for all new hires to determine if adjustments are needed to meet US employment regulations.
Third-Party Audits:
- WSA participates in regular third-party audits, such as SOC 2, to verify compliance with industry best practices for data security and privacy.
- After such audits, we work to address any identified gaps in our security posture and make necessary improvements to maintain a strong security stance.
Regular Reviews:
- We regularly review and update all business, privacy, and security policies in response to changes in technology, regulations, and industry best practices to ensure the continued protection of sensitive data.
WSA is committed to maintaining a secure physical and online environment, and to protecting the confidentiality and integrity of your data. If you have any questions or concerns regarding our security practices, please do not hesitate to contact us at the following email: info@workforcescience.com