Data Security Policy

Purpose

EDI must protect restricted, confidentialor sensitive data from loss to avoid reputation damage and to avoid adversely impacting our customers. The protection of data in scope is a critical business requirement, yet abilityto access data and work effectively is also critical.  It is not anticipated that this technology control can effectively deal with the malicious theft scenario, or that it will reliably detect all data. It’s primary objective is user awareness and to avoid accidental loss scenarios. This policy outlines the requirements for data leakage prevention, a focus for the policy and a rationale. 

Scope  

Any employee, contractor or individual with access to EDI systems or data. Definition of data to be protected includes: 

–PII

–Financial

–Restricted/Sensitive

–ConfidentialIP 

–Customer / Respondent Collected Data

–Client Data

Policy Requirements

EDI staff are required not to reference the subject or content of sensitive or confidential data publically, or via systems or communication channels not controlled by EDI. For example, the use of external e-mail systems not hosted by EDI to distribute data is not allowed. 

EDI staff need to use a secure password on all systems you use to work on EDI projects as per the password policy. These credentials must be unique and must not be used on other external systems or services. 

Terminated subcontractors or employees will be required to return all records, in any format, containing personal information. 

EDI staff must immediately notify Henry Edinger in the event that a device containing in scope data is lost (e.g. mobiles, laptopsetc). 

In the event that you have a system or process which you suspect is not compliant with this policy or the objective of information security you have a duty to inform Henry Edinger so that they can take appropriate action. 

EDI staff must take extra precaution to ensure that data is appropriately handled when working remotely. Please ensure that assets holding data in scope are not left unduly exposed, for example visible in the back seat of your car. 

Data that must be moved within EDI is to be transferred only via business provided secure transfer mechanisms. EDI will provide you with systems or devices that t this purpose. You must not use other mechanisms to handle in scope data. If you have a query regarding use of a transfer mechanism, or it does not meet your business purpose you must raise this with Henry Edinger. 

Any information being transferred on a portable device (e.g. USB stick, laptop) must be encrypted in line with industry best practices and applicable law and regulations. If there is doubt regarding the requirements, seek guidance from Henry Edinger.


Confidentiality Policy - United States

EDI adheres to the CASRO (Council of American Survey Research Organizations) code of ethics and policies on confidentiality.  The policy indicates the following:

(1) Always enter into a confidentiality or “chain of trust” agreement when receiving and using legally-protected, personally-identifiable information from a source other than the data subject, insuring that the Research Organization will protect the information and only use it for the purposes specified in the agreement;

(2) Always require subcontractors and other third parties to whom they disclose personally-identifiable information to enter into confidentiality or “chain of trust” agreements that require such party(ies) to provide the same level of security and limitations of use and disclosure as the Research Organization;

(3) Always store or maintain personally-identifiable information in a verifiably secure location;

(4) Always control and limit accessibility to personally-identifiable information;

(5) Always use reasonable efforts to destroy personally-identifiable information once the survey is complete and validation has been conducted, unless the personally-identifiable information relates to Respondents in panels, to ongoing studies, or for some other critical research reason, or the research Client is legally or contractually obligated to require its service providers to maintain such information for a certain period of time and contractually imposes this requirement on the Research Organization;

(6) Never knowingly receive, use or disclose personally-identifiable information in a way that will cause the Research Organization or another party to violate any Privacy Law or agreement.

The principle of Respondent confidentiality includes the following specific applications or safeguards:

a. Survey Research Organizations' staff or personnel should not use or discuss Respondent-identifiable data or information for other than legitimate internal research purposes.

b. The Survey Research Organization has the responsibility for insuring that Subcontractors (Interviewers, Interviewing Services and Validation, Coding, and Tabulation Organizations) and Consultants are aware of and agree to maintain and respect Respondent confidentiality whenever the identity of Respondents or Respondent-identifiable information is disclosed to such entities.

c. Before permitting Clients or others to have access to completed questionnaires in circumstances other than those described above, Respondent names and other Respondent-identifying information (e.g., telephone numbers) should be deleted.

d. Invisible identifiers on mail questionnaires that connect Respondent answers to particular Respondents should not be used. Visible identification numbers may be used but should be accompanied by an explanation that such identifiers are for control purposes only and that Respondent confidentiality will not be compromised.

e. Any Survey Research Organization that receives from a Client or other entity information that it knows or reasonably believes to be confidential, respondent identifiable information should only use such information in accordance with the principles and procedures described in this Code.

f. The use of survey results in a legal proceeding does not relieve the Survey Research Organization of its ethical obligation to maintain in confidence all Respondent-identifiable information or lessen the importance of Respondent anonymity. Consequently, Survey Research firms confronted with a subpoena or other legal process requesting the disclosure of Respondent-identifiable information should take all reasonable steps to oppose such requests, including informing the court or other decision-maker involved of the factors justifying confidentiality and Respondent anonymity and interposing all appropriate defenses to the request for disclosure.


Confidentiality Policy - International (Non-US)

In order to conduct international research that requires either transmitting or receiving personally-identifiable information of Respondents, EDI complies in all material respects with international privacy laws and regulations, by, in the case of data transfers with a person or entity in the European Union, either (i) certifying their compliance with the privacy provisions described in the United States Safe Harbor Principles of the European Union Directive on Data Protection or (ii) satisfying an alternative method of complying in all material respects with the Directive.

The EU Safe Harbor privacy principles are contained in the CASRO Model Privacy Policy and are as follows:

(1) Notice: A description of what information is collected, how it is collected, its purpose, and its disclosure to third parties.

(2) Choice: A statement of and procedures for allowing individuals to choose not to participate in the research and/or to have their personal information used or disclosed to a third party.

(3) Onward Transfer: A statement that personal information will be transferred only to third parties who are also in compliance with the Safe Harbor Principles.

(4) Access: Procedures to provide individuals with access to their personal information in order to correct, amend, or delete that information where it is inaccurate.

(5) Security: A description of the reasonable precautions taken to protect personal information from loss, misuse and unauthorized access, disclosure, alteration, and destruction.

(6) Data Integrity: A statement that information will be used consistent with the purpose for which it was collected.

(7) Enforcement: A description of internal and external mechanisms for assuring compliance, and addressing and resolving disputes and complaints.