Privacy Policy
Our Privacy Principles
1. Introduction
CanisVigilans is committed to maintaining the highest standards of security and confidentiality in the development, deployment, and maintenance of its surveillance technology products. This set of security policies outlines the procedures and protocols that govern the protection of sensitive information, with a particular emphasis on compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other relevant cybersecurity standards.
2. Information Security Governance
2.1 Policy Approval and Review: This policy will be reviewed annually and updated as needed to ensure alignment with industry best practices and regulatory requirements.
2.2 Roles and Responsibilities: Designate roles and responsibilities for individuals involved in the management, operation, and oversight of information security.
3. Risk Management
3.1 Risk Assessment: Conduct regular risk assessments to identify and mitigate potential threats to the confidentiality, integrity, and availability of sensitive information.
3.2 Incident Response: Develop and maintain an incident response plan to address and mitigate security incidents promptly and effectively.
4. Data Security and Encryption
4.1 Data Classification: Classify data according to sensitivity and implement appropriate access controls.
4.2 Encryption: Utilize strong encryption methods for the transmission and storage of sensitive data to ensure data confidentiality.
5. Access Control
5.1 User Access: Implement a least privilege access policy to restrict access to sensitive information based on job roles and responsibilities.
5.2 Authentication and Authorization: Employ multi-factor authentication and robust authorization mechanisms to validate user identity and control system access.
6. HIPAA Compliance
6.1 Protected Health Information (PHI): Safeguard PHI in accordance with HIPAA regulations, ensuring strict adherence to privacy and security rules.
6.2 Breach Notification: Develop and maintain procedures for timely and accurate reporting of any breaches involving PHI, in compliance with HIPAA requirements.
7. Network Security
7.1 Firewalls and Intrusion Detection/Prevention Systems: Implement and maintain firewalls and intrusion detection/prevention systems to safeguard the network from unauthorized access and malicious activities.
7.2 Wireless Security: Secure wireless networks with strong encryption protocols and regularly update access credentials.
8. Security Training and Awareness
8.1 Employee Training: Provide regular security awareness training to all employees to enhance their understanding of security policies and practices.
8.2 Incident Reporting: Establish a process for employees to promptly report any suspected security incidents or violations.
9. Physical Security
9.1 Facility Access: Control physical access to facilities housing sensitive information, ensuring only authorized personnel can enter secure areas.
9.2 Equipment Disposal: Safely dispose of obsolete equipment to prevent unauthorized access to sensitive data.
10. Compliance Monitoring and Enforcement
10.1 Auditing and Monitoring: Regularly audit and monitor security controls to ensure compliance with policies and regulations.
10.2 Enforcement: Enforce consequences for non-compliance with security policies, up to and including termination of employment or legal action.
By adhering to these security policies, CanisVigilans aims to uphold the trust of its clients and partners by safeguarding sensitive information and maintaining a robust cybersecurity posture.