Home /
Trust Center
Trust Center
Trust Center
Welcome to our Trust Center, where security and compliance are at the heart of our service. Here, you’ll find comprehensive details about how we safeguard your data and ensure that our services meet the highest standards of security, specifically tailored to support HIPAA compliance..
VoyceLink is a language-access platform that lets people and organizations communicate without barriers. With VoyceLink, users can access language services like phone and video interpreting, remote simultaneous interpretation, and AI-translated captioning. They can also manage language services with the industry-leading interpreter management and scheduling technology for providers.
Risk Profile
At Voycelink, we understand that managing risk is crucial to the reliability and integrity of our services. We classify the potential impact on enterprise customers in the event of a data or functionality compromise as moderate, which guides our strategic approach to risk mitigation and ensures continuity without overburdening resources. In response to critical failures, such as a database deletion, our recovery time objective is set between 24 to 72 hours to facilitate thorough restoration processes, minimizing disruptions to our operations and service delivery.
Additionally, we provide customizable recovery point objectives that adhere to applicable standards, accommodating the varied needs of our customers and ensuring that our recovery protocols are aligned with specific business requirements and regulatory frameworks. This approach not only underscores our commitment to security and compliance, particularly with HIPAA regulations, but also reinforces the trust our customers place in us, knowing that their critical operations are safeguarded against a range of potential risks.
Auditing
At Voycelink, we are committed to maintaining the highest standards of data integrity and compliance. To achieve this, we conduct regular audits that rigorously evaluate our adherence to established privacy policies and regulatory requirements. These audits are essential components of our operational framework, designed to identify and rectify any discrepancies or vulnerabilities that may compromise the privacy and security of the data entrusted to us. This proactive approach not only helps us uphold our commitment to regulatory compliance, including HIPAA, but also reinforces the trust that our customers place in our ability to protect their most sensitive information.
Data Security
At Voycelink, maintaining robust data security is a cornerstone of our operational integrity and compliance efforts. We rigorously monitor access, ensuring that accounts and permissions are regularly reviewed to adhere to the principle of least privilege, enhancing overall system security and data integrity. Data backups are a critical component of our strategy; Voycelink maintains contemporaneous backups that are recoverable immediately at any point, barring disasters. These backups occur daily with full incremental backups executed weekly, and we strategically archive and incrementally back up data to guarantee its usability and availability.
Further strengthening our security measures, data within our system is encrypted at rest. During transit, all data exchanged between Voycelink and its users is protected by robust protocols such as Transport Layer Security (TLS), ensuring that any interruption in encrypted communication renders the Voycelink application inaccessible. Additionally, the physical security of our infrastructure is managed comprehensively by Microsoft Azure, providing a secure and resilient environment as detailed on their security webpage. Our commitment to data security is also reflected in our compliance with regulations like GDPR, where we diligently respond to requests for data modification and ensure data erasure as required, thereby upholding our promise of data protection and privacy
Endpoint Security
Our endpoint security strategy is designed to protect against a wide array of threats through stringent enforcement of antivirus policies and comprehensive user training on security practices. By ensuring that all endpoints are equipped with the latest antivirus solutions and that all users are educated about best security practices, we create a robust defense against potential security breaches. This proactive approach to endpoint security not only helps in preventing malware and other malicious attacks but also reinforces our commitment to maintaining a secure and trustworthy environment for our users.
Corporate Security
Corporate security is an all-encompassing endeavor, reflecting our commitment to safeguarding our operations and customer data across all levels of our enterprise. We mandate that all employees and contractors complete Security & Privacy Awareness training as part of their initial onboarding and on an annual basis thereafter. This training covers crucial topics such as device security, physical security, phishing, and insider threats, ensuring that every member of our team is equipped to follow best practices in data handling. Our comprehensive approach to security training underscores our dedication to preventing security breaches and maintaining the highest standard of trust and integrity in managing customer data.