Corporate Security & Compliance
Your Documents, Your Trust
Overview
As a leading provider of document management solutions, ACI’s security & compliance practices are multidimensional and reflect the various ways we engage with our customers. ACI integrates both security and privacy into all levels of staff training and ongoing daily operations, and regularly monitors legislation at the federal and provincial levels to ensure compliance with regulatory requirements. Appropriate physical controls have also been established to provide secure access to facilities and controlled areas, including environmental systems for fire suppression, flood management, and HVAC to protect mission-critical systems and source data.
Objectives
ACI’s Corporate Security & Compliance Program is designed to protect the confidentiality, integrity and availability of both Customer and internal ACI information and data such as:
- Customer documents and data residing in ACI’s internal IT systems
- The mission-critical systems that customers rely upon for Cloud document processing and other document management services
- ACI source code and other sensitive data against theft and malicious alteration
- Personal and other sensitive information that ACI collects in the course of its business, including customer, supplier and employee data
Industry Standards & Certifications
ACI’s security policies are aligned with relevant industry associations’ guidelines and standards and government regulations.
SOC Compliance
ACI engages a third-party CPA firm to perform annual audits and provide certification based on the Canadian Standard on Assurance Engagements (CSAE), popularly known as Service Organization Control (SOC) Audit Reports.
Electronic Records as Documentary Evidence (CAN/CGSB-72.34-2005) & Microfilm & Electronic Images as Documentary Evidence (CGSB.72.11.99)
These standards provide guidance for developing policies, procedures, processes and documentation that support the continuing reliability, accuracy and authenticity of electronic records…
PIPEDA
The Personal Information Protection and Electronic Documents Act, originally published on April 13, 2000, is a Canadian law relating to data privacy. It governs how private sector organizations collect, use and disclose personal information in the course of commercial business.
PHIPA
The Personal Health Information Protection Act is Ontario’s health-specific privacy legislation, which came into force on November 1, 2004. PHIPA governs the manner in which personal health information may be collected, used and disclosed within the health sector.
CHIMA
The Canadian Health Information Management Association is the national professional association for the health information industry in Canada. CHIMA’s four domains of practice are privacy, data quality, electronic health information management (HIM), and HIM standards.
Reliability Status (RS)
All our personnel undergo pre-employment security screening to establish Reliability Status (RS), which grants the right to access Protected A, B and C documents and information for the Federal Government of Canada.
Industry Associations
AIIM
ACI is a Professional Member of The Association for Intelligent Information Management. AIIM’s stated mission is to help organizations put their information to work by focusing on the intersection of people, processes and information.