We have included a hyperlink to the Safe Harbor website or the corresponding URL (e.g., http://export.g ov/safeharbor/).
(Aug. 1, 2013, Rumson, N.J., USA) – Commercium Technology Inc. (CTI), a leading provider of IT security solutions, today announced that it had received formal certification by the U.S. Department of Commerce SAFEHARBOR program. This program provides a framework agreed to by the United States government and the European Common Union (EU) for ensuring that compliant organizations very strictly protect customer, partner and employee data considered sensitive and private.
“Achieving this certification not only positions CTI to participate in large, global projects where SAFEHARBOR certification is required by the prime contractor or end-customer,” said William O’Brien, CTI President. “But it also proves CTI takes the security and privacy of its customers, partners and employees very, very seriously”.
SAFEHARBOR certification requires that a company define and adhere to a comprehensive INFO SEC policy, educate its employees and sub-contractors on security, and subscribe to a set of governing principles which ensure data privacy. Of paramount importance is that sensitive, private information never be forwarded to a third party without appropriate permission. A formal, dispute resolution process must be put in place and made available to any party concerned with the manner in which that party’s sensitive information is being handled.
“The SAFEHARBOR-defined principles are very detailed but clear about how to handle sensitive data, “ pointed out Peter Beck, Vice President of Professional Services at CTI. “Here in the US we have regulations such as HIPPA and FERPA which target the privacy of specific types of personal information, such as health or educational records. The EU takes a much broader stance regarding what is to be considered a person’s private information”.
Other areas which CTI had to address in order to achieve SAFEHARBOR compliance included the designation of a company-wide Security and Privacy Manager role, implementation of a yearly security-risk assessment and an ongoing security awareness training program for employees and contractors.
“In reality, we were doing many of these things anyway—many of our staff members are actually security experts in their own right” commented Beck. “However, SAFE HARBBOR certification provided the vehicle and justification for formalizing many of these activities as well as garnering support from different parts of the organization such as HR and Finance”.
CTI used the services of Greenberg, Traurig, LLP, a large law firm with offices in Washington, DC and international trade and IT security experience, to successfully guide it through the U.S. Department of Commerce certification process. “Since this process is quite detailed and to a great extent concerns itself with EU regulations, we felt it was necessary to engage a partner with an understanding of SAFEHARBOR requirements , US Department of Commerce processes, IT Security technology and international law, said Beck. “This is a fairly unique combination, but the results were excellent and we must commend GT for a high degree of expertise, professionalism and customer service in helping CTI smoothly achieve this certification, which we consider business essential”.