WizeHive takes the security, safety, and privacy of our customers’ data and that of their constituents very seriously. As a cloud SaaS platform provider serving large enterprises, health systems, federal and state government agencies, and other complex organizations with extensive security needs, we rely on the latest tools and strategies to ensure data security and have implemented best practices across a number of levels in order to confidently offer a secure system.
WizeHive has a designated Security Officer and Privacy Officer who lead all efforts on security and training compliance, with additional resources allocated as appropriate. The team regularly attends conferences and trainings, as well as reviews OWASP and industry specific blogs, to keep up to date on best practices.
Additionally, all WizeHive personnel undergo security and privacy training as part of their orientation process and receive comprehensive training on at least an annual basis. Special topics in security and privacy are regularly presented at company-wide meetings to reinforce key concepts.
WizeHive maintains a robust set of security policies and procedures, modeled after the NIST 800-53 security framework, moderate level. These include access controls, uptime monitoring, risk assessments, third-party penetration studies, system maintenance procedures, and plans for potential security or privacy breach incidents.
WizeHive is proud have been issued a SOC 2 Type 2.
To date, WizeHive has never had a security or privacy breach.
In addition, WizeHive offers platforms and databases designed to meet the needs of popular regulations, including GDPR, HIPAA, FedRAMP, and PIPEDA.
WizeHive uses Amazon Web Services (AWS) to store data for its Zengine platform; WizeHive does not maintain any of its own servers on-premise. Customer data is secured by AWS’ industry-leading security measures, quick scaling, and high availability rates. Data is stored in the AWS US-East region and is replicated to a second data center for disaster protection. Data is stored in a multi-tenant environment protected by logical access controls.
Several other vendors are used to transmit or transform data as part of Zengine’s services. We perform a risk assessment with each vendor and sign a data sharing agreement prior to transmitting any customer data.
Administrator tools like permission-based roles, audit trails, and data exports provide customers with additional ways to manage and ensure security.
Protecting your data is central to our business and our promise to you. Through regular updates, transparency, and best practices, we serve as a partner to ensure your programs and all data are and remain safe.
If you have any questions about security or privacy at WizeHive or would like further details, please discuss with your account manager or sales representative, or feel free to contact our team using the form below.