Data Security
Data has never been more important to your business and never more vulnerable. ConServe recognizes the vital importance of a corporate information security program to secure the data and assets of our Clients and their Consumers.
Your data is safe and secure, period.
ConServe has more than 1,000 information security controls in place and is compliant with the strict security guidelines and audits required by the U.S. Department of Education. In conjunction with Federal contract requirements, ConServe maintains FISMA (Federal Information Security Management Act) 3rd party certification, which complies with all NIST (National Institute of Standards and Technology) 800-53 standards and guidelines. All of these controls ensure that our Client data is safe and secure. Additionally, ConServe complies with PCI-DSS standards and is PCI-DSS V4.0 certified.
Complimentary E-Book
Three Key Components of Data Security
In today’s digital age, safeguarding consumer data is of utmost importance for financial institutions. However, as data security is a complex and constantly changing field, it’s important to keep several key factors in mind. In our free E-Book, we delve into three essential components of data security:
- Consumer behavior
- Employee training
- Comprehensive compliance systems
Download our complimentary E-Book now to learn more and ensure your institution is equipped to protect your consumers’ data.
Blueprint Quality Management System® - Certified Agency
ConServe has consistently achieved the ACA International Blueprint Quality Management System® certification. Currently only 1%, of the more than 6,000 collection agencies, have achieved this certification.
SSAE 18/SOC 1 Type 2 and SSAE 18 SOC 2 Type 2 Engagements
ConServe completes SSAE 18 SOC 1 Type 2 and SSAE 18 SOC 2 Type 2 engagements, conducted by a third-party auditor, annually. The SOC 1 and SOC 2 reports evaluate controls at a service organization that are relevant to the security, availability, and processing integrity of a service organization’s system. In addition, the reports also evaluate the confidentiality of the information and the privacy of personal information that the service organization’s system controls.
FISMA Compliant
In accordance with the U.S. Department of Education and in conjunction with Federal contract requirements, ConServe is compliant with the Federal Information Security Management Act (FISMA). ConServe’s comprehensive Information Security Program is structured to align with the information security standards and guidelines of the National Institute of Standards and Technology (NIST) Special Publication 800-53: “Security and Privacy Controls for Federal Information Systems and Organizations”.
PCI-DSS Compliance
PCI Security Standards are developed and maintained by the PCI Security Standards Council to protect payment data throughout the payment lifecycle. The different PCI Standards support different stakeholders and functions within the payments industry.
-
ConServe maintains ACA International Blueprint Quality Management System® certification. This certification includes data security requirements that applicants must meet in order to qualify for certification. The Blueprint certification also allows ConServe to comply unequivocally with the Federal Trade Commission’s regulations, as amended, on the safeguarding of information.
Additionally, ConServe complies with the Federal Information Security Management Act of 2002 (FISMA) and completes SSAE 18 SOC 1 Type 2 and SSAE 18 SOC 2 Type 2 engagements.
-
Yes, ConServe has consistently achieved the ACA International Blueprint Quality Management System® certification. Currently only 1% of the more than 6,000 collection agencies, have achieved this certification. As an agency with a certification in Blueprint Quality Management System®, we are positioned to place our Clients as our top priority. We are committed to providing the Blueprint® level of service:
- We collect faster
- We communicate faster
- We are meticulously accurate
-
Yes, ConServe has a made a commitment to meet and exceed government information security standards in accordance with the Federal Information Security Management Act (FISMA). FISMA compliance requires adherence to numerous regulatory guidelines and requirements as described by the Federal Information Processing Standards (FIPS) and the National Institute of Standards and Technology (NIST) Special Publications.
-
Yes, ConServe is PCI-DSS Certified and has a comprehensive System and Data security program that complies with all PCI-DSS standards.
-
ConServe completes SSAE 18 SOC 1 Type 2 and SSAE 18 SOC 2 Type 2 engagements, conducted by a third-party auditor, annually. The SOC 1 and SOC 2 reports evaluate controls at a service organization that are relevant to the security, availability, and processing integrity of a service organization’s system. In addition, the reports also evaluate the confidentiality of the information and the privacy of personal information that the service organization’s system controls.
