Compliance Requirement

Modified on Wed, 28 Jul, 2021 at 4:01 PM

FAQ-CR-001
Is your organization a HIPAA compliant?

Not currently.

 

FAQ-CR-002

How is Client data protected from legal discovery and forensic hardware seizure being conducted of other customers' data?

Refer standard NDA, Service Agreement Terms. Client Data asked for by statutory authorities in written is provided under notification to that customer for that customer's data. Forensics Hardware seizure can happen only in the event of our centers being a source of non-permissible cyber crime activities, which are not possible since we have cyber Al software running on our network to detect for any kind of anomalies to take proactive block actions with no manual control.

Client data is protected by also being completely on Azure cloud servers which have their own Al led heuristic engines to protect customer data.


FAQ-CR-003 

Does ZingHR perform any independent audits as required by applicable regulations ?  

ZingHR Infra is managed by internal ZingHR IT team, the control has been set to ensure that the users are performing only activities that have been explicitly authorized. 

ZingHR IT team maintain logs of changes and activities performed in the environment, these logs are also maintained for review by the Security team. 

ZingHR Operational center is compliant and certified with ISO 27001:2013, ISO 9001 and SSAE 18 



 

FAQ-CR-004 

Does ZingHR  has capability to maintain audit logs, and other records as per customer's compliance requirements ?   

ZingHR provides to the customer eco system detailed font-end driven audit logs for configurationally changes made by the customers super users (Admin/HR/Corporate). Transaction audit logs are available in the product for the most important and high transactions processes in the engine (through Report extraction). A list can be provided post signup. 




FAQ-CR-005 

Does ZingHR have defined process for data disposal ? 

Customer Data with the active contract period and post disengagement formally in an encrypted state for a period of 6 years-stored offline in Azure Storage Vault. 

Data deletion requests can never be executed since they are all audit trailed. 

Data can be de-activated from active use based on authorized Request.


FAQ-CR-006

Does ZingHR share detailed report of VAPT with customers ?

No, The detailed reports are the internal product code reports and are not available for any external sharing. ZingHR will share the VAPT certification report which is performed periodically .







Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article