Security & Compliance
At Exela, maintaining the privacy and security of your information is a primary business objective
KEY VALUE
- Rigorous security controls
- Fully compliant operations
- Comprehensive data security
- Disaster recovery protocol
- Maintenance of privacy protocols whether determined by legislative requirements or not.
OVERVIEW
Exela’s primary business is data handling and processing, and we take an aggressive stance on maintaining protection and privacy of the information our customers entrust to us. Our security implementations span across the physical and digital spectrum to include:
- Rigorous security controls
- Encryption management
- Systems development life cycle
- Change management
- Production monitoring
- Intrusion detection
- Prompt incident response
- Proactive business continuity and disaster recovery
These in turn drive our privacy initiatives
We maintain robust industry, local, and national government and international security (e.g., SSAE 16 Type II, SOX, PCI, FISMA, NIST, NARA, FIPS, DIACAP. ISO 27XXX series) and privacy (HIPPA, GDPR, Privacy Shield GLBA) compliant operations that protect the security and privacy of all data and documents received and processed on behalf of our clients.
Exela protects its systems with a comprehensive assortment of security and privacy best practices, including documented and audited processes and a business continuity plan to ensure secure, uninterrupted services.
KEY FEATURES
Disaster Recovery Protocols
Our formal disaster recovery policies have been established, tested, and refined over decades to ensure operating requirements are met, quality is maintained, and expectations are exceeded wherever possible.
Strict Access Controls
All of our facilities uphold the highest standards for security and access control. Continuous facility monitoring by personnel as well as CCTV, identification display protocols, and periodic system integrity checks ensure that our facilities are secure.
Change Management Procedures
Prior to changes made to application systems, data structures, network and communication software, systems software, and hardware, or the environment in which they operate, all affected parties are contacted and coordinated with to ensure minimum service impact.
Comprehensive Data Security
Our customers’ data is protected throughout the production process by means of physical and logical access controls, strict handling procedures, and advanced encryption safeguards.
Privacy Compliance
We recognize that our clients and in turn their clients have an increasing interest in maintaining the privacy of their personal data entrusted to us for processing. We therefore ensure that we maintain the privacy of all personal data whether this is to comply with local and national legislation, but also as part of our belief that this is part of normal business operations. We monitor the global privacy landscape to maintain our compliance activities worldwide.
Exela Customers may request various security-related documents and questionnaires by contacting their account executive.