Security & Compliance

At Exela, maintaining the privacy and security of your information is a primary business objective

KEY VALUE

  1. Rigorous security controls
  2. Fully compliant operations
  3. Comprehensive data security
  4. Disaster recovery protocol
  5. Maintenance of privacy protocols whether determined by legislative requirements or not.

OVERVIEW

Exela’s primary business is data handling and processing, and we take an aggressive stance on maintaining protection and privacy of the information our customers entrust to us. Our security implementations span across the physical and digital spectrum to include:

  1. Rigorous security controls
  2. Encryption management
  3. Systems development life cycle
  4. Change management
  5. Production monitoring
  6. Intrusion detection
  7. Prompt incident response
  8. Proactive business continuity and disaster recovery

These in turn drive our privacy initiatives

We maintain robust industry, local, and national government and international security (e.g., SSAE 16 Type II, SOX, PCI, FISMA, NIST, NARA, FIPS, DIACAP. ISO 27XXX series) and privacy (HIPPA, GDPR, Privacy Shield GLBA) compliant operations that protect the security and privacy of all data and documents received and processed on behalf of our clients.

Exela protects its systems with a comprehensive assortment of security and privacy best practices, including documented and audited processes and a business continuity plan to ensure secure, uninterrupted services.

KEY FEATURES

Disaster Recovery Protocols
Our formal disaster recovery policies have been established, tested, and refined over decades to ensure operating requirements are met, quality is maintained, and expectations are exceeded wherever possible.

 Strict Access Controls
All of our facilities uphold the highest standards for security and access control. Continuous facility monitoring by personnel as well as CCTV, identification display protocols, and periodic system integrity checks ensure that our facilities are secure.

Change Management Procedures
Prior to changes made to application systems, data structures, network and communication software, systems software, and hardware, or the environment in which they operate, all affected parties are contacted and coordinated with to ensure minimum service impact.

Comprehensive Data Security
Our customers’ data is protected throughout the production process by means of physical and logical access controls, strict handling procedures, and advanced encryption safeguards.

Privacy Compliance
We recognize that our clients and in turn their clients have an increasing interest in maintaining the privacy of their personal data entrusted to us for processing. We therefore ensure that we maintain the privacy of all personal data whether this is to comply with local and national legislation, but also as part of our belief that this is part of normal business operations. We monitor the global privacy landscape to maintain our compliance activities worldwide. MORE INFORMATION

Exela Customers may request various security-related documents and questionnaires by contacting their account executive.