Security and Compliance

Intelex is dedicated to being an effective partner in customer data security through its Information Assurance program. Encompassing Information Security, Data Privacy and legal compliance, this program affirms Intelex’s commitment to the protection of information assets as part of its duty to its clients, Intelex members, business partners, vendors and third parties, and to ensure regulatory requirements are met.

AICPA SOC 2 and SOC 3

SOC2 and SOC3 Reports are independent third-party examination reports that demonstrate key compliance controls and objectives. The purpose of these reports is to provide an understanding of our controls established to support operations and compliance. The report includes an assessment against the Common Criteria principles of Security, Availability, and Confidentiality.

The Center for Internet Security, Inc. (CIS®)

The Center for Internet Security, Inc. (CIS®) is a community-driven non-profit, responsible for the CIS Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. They lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud.

Intelex is a member of CIS SecureSuite and implements CIS Hardening, CIS Benchmarks and CIS Controls.

EU GDPR Compliant

On May 25, 2018, a new landmark privacy law called the General Data Protection Regulation (GDPR) came into effect. It protects European Union data subjects' fundamental right to privacy and the protection of personal data. It introduces robust requirements that raise and harmonize standards for data protection, security, and compliance.

HIPAA Compliant

HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting the security and privacy of protected health information (PHI). PHI includes a very wide set of personally identifiable health and health-related data.

ISO/IEC 27001:2013 Certified

ISO27001 specifies the requirements for establishing, implementing, maintaining and improving a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS). The ISMS defines how Intelex manages security in a holistic and comprehensive manner.

PIPEDA Compliant

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that applies to the collection, use, and disclosure of personal information in the course of commercial activities in all Canadian. PIPEDA also applies to international and interprovincial transfers of personal information.

STAR Self-Assessment

Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. Intelex has completed the CSA STAR Self-Assessment.

Intelex PSIRT

PSIRT (Product Security Incident Response Team) is a dedicated team responsible for managing and responding to security vulnerabilities and incidents related to a company's products. The purpose of PSIRT is to provide an understanding of the security response controls established to handle vulnerabilities and incidents effectively. The team's activities include vulnerability identification, risk assessment, remediation, and stakeholder communication.