At Hornbill, we know how important it is to keep your data safe when outsourcing. That’s why security and compliance aren’t just checkboxes for us; they’re the foundation of everything we do. With strict security measures and industry-leading protocols, we ensure your information stays protected, so you can focus on what matters most.
Certifications and Standards
Hornbill adheres to internationally recognized standards to maintain the highest levels of data security and quality management.

ISO 27001 Certification
This certification demonstrates our capability to establish, implement, maintain, and continually improve an information security management system (ISMS). It encompasses the assessment and treatment of information security risks, ensuring comprehensive protection of your data.

ISO 9001 Certification
This certification signifies our commitment to consistently providing services that meet customer and regulatory requirements, reflecting our dedication to quality management principles.

GDPR Readiness
Hornbill is GDPR-ready, upholding the privacy rights of individuals as defined by the General Data Protection Regulation (GDPR). We manage and process personal data responsibly, with clear consent mechanisms, data minimization principles, and secure storage protocols. Our commitment ensures full transparency and control for clients and individuals across the UK & European Economic Area.

HIPAA Compliance
We are fully compliant with the Health Insurance Portability and Accountability Act (HIPAA), ensuring that all Protected Health Information (PHI) is handled with the utmost confidentiality and integrity. Our processes, systems, and team training are designed to safeguard patient data, maintain privacy standards, and ensure secure communication in accordance with U.S. healthcare regulations.
IT Data Privacy Protocols and Standards
Our IT infrastructure is designed to meet diverse client requirements, incorporating advanced security features:
Disablement of USB ports and optical drives.
Regular patch updates.
Symantec Endpoint Protection with a central management server.
Fully redundant network infrastructure with automatic failover.
Information security policies prohibiting unlawful activities and unauthorized commercial use of systems.
Encryption of hard drives.
Installation of approved anti-virus software on all Windows-based systems.
Multi-factor authentication.
Unified threat management devices with fully adjustable data and content filtering.
Prohibition of unauthorized activities such as using personal ICT equipment.
Business continuity and disaster recovery
Understanding the critical nature of uninterrupted operations, Hornbill has established comprehensive business continuity and disaster recovery plans.
Risk management
Proactive risk management is central to our operations.

Regular Risk Assessments
Conducting periodic evaluations to identify and mitigate potential threats.

Compliance Monitoring
Ensuring adherence to relevant laws and regulations through continuous oversight.

Employee Training
Providing ongoing education to staff on data security best practices and emerging threats.