Compliance

  • Certificates and audit reports of attestation of compliance can be downloaded via the in/site business intelligence platform by authorized users at any time and on-demand.
    • vXchnge has achieved the following in support of the compliance goals of Information Security: A 3-year Certificate of Compliance for ISO 27001:2013, Attestation of Compliance for SSAE 18 Type 2 (SOC2, Type 2), SOC1 Type 2, HIPAA/HITECH, PCI DSS 3.2.
    • Audit Reports for each standard are available via the in\site business intelligence tool using the Reports Tab, Compliance Reports.
  • Performance periods
    • The ISO 27001:2013 and PCI DSS 3.2 performance periods runs 1 June through 31 May.  
    • SOC and HIPAA performance periods run 1 July through 30 June.
    • A Bridge Letter is available to cover the gap between the previous performance period end date and the conclusion of the current period.
  • Requesting Compliance Support
    • vXchnge is open to supporting our customer’s compliance needs through information sharing and audit support.
    • Submit your request for Compliance Support via a Support Ticket using the in\site business intelligence platform.
    • vXchnge reserves the option to invoice for services in support of a customer compliance audit, certification or attestation activity – dependent upon scope and resources required.
  • GDPR
    • vXchnge understands the need for supporting those customers who fall within the scope of GDPR; specifically, the treatment and protection of an individual’s Personal Identifiable Information (PII). vXchnge maintains an ISO 27001 Certificate and has verified our standards to support Information Security across our internal systems. vXchnge has implemented incremental procedures to address PII Removal. Primary control of the customer Contact Records is controlled/managed by the customer and contained in the in\site Customer Profile. Should an individual’s PII Removal be requested beyond those in\site Customer Contact Records, please submit the request via a support ticket.