Privacy & Security

Privacy, Data Protection and Security

SNG Research takes privacy, data protection and security seriously. Working with healthcare clients, in particular, comes with stringent requirements. We have devoted significant resources to ensure that the safeguards associated with HIPAA (Health Insurance Portability and Accountability Act) are in place and adhered to.

Safeguards in Place

SNG Research maintains and adheres to security and privacy policies and procedures covering the technical, administrative, and physical safeguards required by HIPAA and of critical importance to all of our clients. These include:

Technical safeguards

Data encryption for data at rest and when being transmitted
24/7 Security Incident and Event Management (SIEM) monitoring
Regular third-party assessments, tests and scans to ensure ongoing compliance
Controlled access to data based on role and need
Access authentication

Administrative safeguards

Background checks and signed confidentiality agreements required for all employees
Annual security training for all employees, supplemented with updates to support heightened awareness and vigilance
Password management requirements
Risk analysis and risk management processes
Contingency plans in the event of disaster
Master Services Agreements/Business Associate Agreements in place with trusted partners

Physical safeguards

Badge required to access facility; access tracked
Strict policies around appropriate use and security of workstations
Device and media accountability and tracking
Regular data backups and secure off-site storage