Security & Privacy

Safeguarding the privacy and confidentiality of Personally Identifiable Information (PII) and Protected Health Information (PHI) is of paramount concern to MicroMass Communications, Inc. PII is any data that can be used to contact, locate, or identify a specific individual, whereas PHI is any health information that is individually identifiable. Programs of MicroMass Communications, Inc. comply with HIPAA, COPPA, and DMA Privacy Guidelines.

External Verification

In addition to complying with industry standard guidelines, MicroMass Communications, Inc. is ISO27001:2013 certified to further strengthen and continuously improve our security posture. ISO27001 requires a rigorous system of policies, processes, and controls to ensure information security. To receive a copy of the certification report please contact our Privacy and Security team at mmc.privacy@micromass.com.

We build security and privacy into each of our programs through the following key steps:

  • Designate a primary security and privacy contact
  • Provide a clear, simple privacy and usage statement
  • Use PHI only for intended purposes
  • Collect the minimum amount of data
  • Provide a privacy complaint/resolution system
  • Use opt-in enrollment
  • Provide easy opt-out
  • Provide a means to view and modify PHI
  • Encrypt network-transferred PHI
  • Encrypt PHI in all links
  • Establish a “chain of trust” with vendors’ security policies

To ensure organizational security, we:

  • Maintain and enforce a written security policy
  • Conduct security training for all staff
  • Maintain written contingency plans
  • Maintain and enforce a written HIPAA policy
  • Conduct PHI/PII training for all staff
  • Implement HIPAA program certification procedures
  • Restrict access to PHI
  • Control physical access to facilities

These systems, processes, and personnel are the responsibility of our CyberSecurity Specialist, Kai Taylor, and our information security committee, including representation from senior executive management, information systems, human resources, and security personnel.

For further information regarding security and privacy issues, or to obtain copies of privacy notices and policies, please contact us at mmc.privacy@micromass.com, or call our corporate office at (919) 851-3182.