Is your organization a HIPAA compliant?
How is Client data protected from legal discovery and forensic hardware seizure being conducted of other customers' data?
Refer standard NDA, Service Agreement Terms. Client Data asked for by statutory authorities in written is provided under notification to that customer for that customer's data. Forensics Hardware seizure can happen only in the event of our centers being a source of non-permissible cyber crime activities, which are not possible since we have cyber Al software running on our network to detect for any kind of anomalies to take proactive block actions with no manual control.
Client data is protected by also being completely on Azure cloud servers which have their own Al led heuristic engines to protect customer data.
Does ZingHR perform any independent audits as required by applicable regulations ?
ZingHR Infra is managed by internal ZingHR IT team, the control has been set to ensure that the users are performing only activities that have been explicitly authorized.
ZingHR IT team maintain logs of changes and activities performed in the environment, these logs are also maintained for review by the Security team.
ZingHR Operational center is compliant and certified with ISO 27001:2013, ISO 9001 and SSAE 18
Does ZingHR has capability to maintain audit logs, and other records as per customer's compliance requirements ?
ZingHR provides to the customer eco system detailed font-end driven audit logs for configurationally changes made by the customer’s super users (Admin/HR/Corporate). Transaction audit logs are available in the product for the most important and high transactions processes in the engine (through Report extraction). A list can be provided post signup.
Does ZingHR have defined process for data disposal ?
Customer Data with the active contract period and post disengagement formally in an encrypted state for a period of 6 years-stored offline in Azure Storage Vault.
Data deletion requests can never be executed since they are all audit trailed.
Data can be de-activated from active use based on authorized Request.
Does ZingHR share detailed report of VAPT with customers ?
No, The detailed reports are the internal product code reports and are not available for any external sharing. ZingHR will share the VAPT certification report which is performed periodically .