A note from Prathibha Rethish, SpineLegal™’s Privacy Officer. Former Security business analyst in Sitel.
"When it comes to keeping your data safe, we want to give the very best and peace to our customers. We’ve built banking security measures into the SpineLegal™ system to make sure you can use the application with confidence."
PCI-DSS Compliant: SpineLegal™ is in the process of achieving PCI DSS Compliance. This means that every year we have a third-party audit to validate our practices and make sure we’re doing the right things for you and your customers.
Secure data transmission: When you load a page in your browser, or upload something to SpineLegal™, all that information is encrypted while it’s moving over the internet. We lock up your data with up to 256-bit TLS encryption, the strength of protection you get with online banking and shopping. We also support a wide variety of cyphers — another kind of code — for our communications, to ensure the highest level of encryption possible, based on your browser.
Tokenization: SpineLegal™ doesn’t store credit card numbers, ever. Credit card or banking information is sent directly from the app or browser to our payments processor (WorldPay), and SpineLegal™ receives a secure token back. This token is a code that authorizes SpineLegal™ to complete the activity securely and efficiently, without storing or exposing your banking information.
Secure data storage: Your legal data is stored on servers that have strict physical access protocols, meaning there are rules in place limiting access to only the people who need it to do their jobs. The facilities are controlled with 24/7 monitoring, and the technology is digitally protected.
Passwords are encrypted when they’re collected when they’re sent to our servers, and we never store them without encrypting them first. In fact, all communications between our software and our servers are encrypted using Transport Layer Security (TLS) — the replacement for Secure Sockets Layer (SSL) — the highest level of security protocols available. Beyond that, we don't store any sensitive information, such as credit card numbers, on the device ever.
Do you have additional questions about the security of SpineLegal™? Please contact us. We’d be happy to tell you more about the many steps we take to ensure the security of your sensitive information.