Information Governance and Data Protection

We are registered with the Information Commission and comply with all regulations regarding Data Protection as specified by the Commission and the Data Protection Act.

We discuss with our clients how they would like to share electronic information with us.  For private clients, files are sent electronically by email or Dropbox, using 256 bit encryption over a secure server and sensitive documents are password protected.  If preferred, this can be by an alternative encrypted route discussed and agreed prior to accepting work.  We adhere to the guidelines of the Data Protection Act and have strict policies in place to protect the integrity of your data at every stage.

For clients in the public health sector, we can securely transfer files over NHS mail and no information is stored on our computers.  

Customer data which is sensitive and confidential can be transmitted with limited personal details to ensure no identifiable information is transmitted or stored.

Information Governance and Data Protection

We are registered with the Information Commission and comply with all regulations regarding Data Protection as specified by the Commission and the Data Protection Act.

We discuss with our clients how they would like to share electronic information with us.  For private clients, files are sent electronically by email or Dropbox, using 256 bit encryption over a secure server and sensitive documents are password protected.  If preferred, this can be by an alternative encrypted route discussed and agreed prior to accepting work.  We adhere to the guidelines of the Data Protection Act and have strict policies in place to protect the integrity of your data at every stage.

For clients in the public health sector, we can securely transfer files over NHS mail and no information is stored on our computers.  

Customer data which is sensitive and confidential can be transmitted with limited personal details to ensure no identifiable information is transmitted or stored.

Data Security 

At The Modern Office-UK (TMO), we employ strong security measures throughout the entire information processing life cycle. Our infrastructure is built to provide secure deployment and processing of services, secure data communications and storage. It is also important to understand that no system is 100% secure. While we will do our best to ensure your information stays safe, The Modern Office-UK cannot guarantee the security of data. Please keep reading to explore how we keep your information secure.  

 

We have mechanisms in place to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. 

The following outlines our data security policy: 

To help protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access, The Modern Office-UK will implement and maintain technical and organizational procedures from the point of collection to the point of destruction. Personal data will only be transferred to a Data Processor if he agrees to comply with those procedures and policies, or if he puts in place adequate measures himself. 

The Security Measures include but are not limited to: 

Methods of disposal: Paper documents stored in secure bins provided and then burned. Hard drives are retained by the IT department and destroyed securely.  

Encryption: 

The Modern Office-UK makes use of HTTPS encryption techniques to protect our systems and customer’s data in transit to The Modern Office-UK sites is protected using HTTPS, which is activated by default for all users 

Access Controls: For all TMO employees, access rights and levels are based on job function and role, using the concepts of least-privilege and need-to-know to match access privileges to defined responsibilities. To help ensure ongoing confidentiality and integrity, TMO will take appropriate steps to ensure any employees, contractors and Sub processors process data applicable to their scope of performance, including ensuring only persons authorised can process Customer Personal Data. 

All payment details are transmitted over SSL and stored in compliance with Payment Card Industry Data Security Standards (PCI DSS). 

TMO's internal data access processes and policies are designed to restrict unauthorised persons and/or systems from gaining access to systems used to process personal data.  

TMO's production servers are only accessible by a limited number of authorised personnel and are designed to provide secure and flexible access to systems 

TMO's incorporates strong password policies, two-factor authentication and carefully monitored access lists to minimise the potential for unauthorised account use. Access to systems is logged to create an audit trail for accountability. Where passwords are employed for authentication (e.g., login to workstations), password policies that follow at least industry standard practices are implemented. 

Vulnerability Management: 

 

We regularly scan for software vulnerabilities using third-party security advisers and in-house tools, intensive automated and manual penetration testing and software security reviews. We leverage a range of products and tools to further protect personal data against unauthorised or unlawful processing. 

Personal devices: 

 

TMO allows users to connect their corporate account to their personal device.  

TMO manage and monitor apps and data link to their corporate profile. Before a user can connect their corporate account they must agree to our data privacy terms and conditions and when a user leaves the company, their work profile is remotely disabled and wiped removing any corporate data.  

Data Storage: 

TMO’s data and backups are stored securely in the cloud and are geographically distributed to protect against data loss. Database and file systems are replicated across multiple platforms to ensure a high level of redundancy. 

© 2019 by The Modern Office-UK

Postal Address: The Generator Quay House, The Gallery, Kings Wharf, The Quay, Exeter, Devon, EX2 4AN

Telephone: 0333 111 1119            Email:info@themodernoffice-uk.com