Dear
Clients,
Regulatory
Compliance, LLC maintains certain personal customer information in its electronic
files to facilitate the processing of registration requests, the
creation or review of financial statements and the payment of invoices
for services. This information is stored on a shared drive on our
company’s server that is protected from unauthorized access. Regulatory
Compliance attests that all personal information and customer
information stored on our systems is protected as
follows:
- Access
to the shared drive is restricted to active employees
and pre-authorized individuals, on a “need to know” basis within
Regulatory Compliance through password-protected login to company
computers,
- The
company’s server is protected from external access through firewall
-
Access
to the server is monitored and automatic notifications to management
and the company’s IT consultant will be made should a breach occur.
-
Access
is blocked after multiple unsuccessful attempts to login and is logged.
-
Encryption
technology will be employed for data transmissions across public
networks and wireless transmissions. Remote access uses 128-bit
encryption.
-
Personal
information will not be stored on lap top or other portable devices as
a general rule and if so stored, all such data will be appropriately
encrypted
- System
security software is maintained using the most recent versions supplied
by the vendor
-
Employees
are trained on the need to protect personal information and the
consequences should they breach any personal data restriction
- The
Company will adopt written policies and procedures, reasonably designed
in light of the Firm’s size, business and amount of data stored
Regulatory
Compliance further attests that should a breach occur, management and
their IT consultant will immediately take action to secure information,
mitigate the breach and notify any customers whose personal information
could have been comprised.
Stephen
J. Sussman, President
Regulatory
Compliance, LLC
(603)
434-3594
|
