Security Compliance

Since the inception of JHL Digital Direct more than 30 years ago we have been handling personal and client information in one form or another. Through our experience working with hundreds of diverse clients from across the country we have developed security policies and practices that satisfy the commonly accepted standards for the direct marketing industry. Through normal business operations we receive numerous vendor compliance inquires. While each inquiry is unique, the basic information requested is often similar. To address the most common questions asked during the vendor compliance review process, we have provided this standardized short form response below. Specific security inquires will be handled upon request.

COMPANY INFORMATION

JHL Digital Direct is privately-owned business that has been in continuous operation since 1985. We are incorporated in the State of Wisconsin, with our primary office located in Stevens Point, Wisconsin. Our President and majority owner has been with the company since 1993. Due to the private ownership of our company, financial statements are not publicly available.

CONFIDENTIALITY

The management and staff at JHL Digital Direct understand and respect the sensitive and proprietary nature of the data and marketing materials provided by our clients for the completion of their marketing efforts. To safeguard this information we have established practices, policies, and controls to protect the privacy and confidentiality of our clients’ materials and customer data. Additionally, we modify our practices and/or implement new practices as needed to meet the unique requirements of an individual client’s proprietary confidentiality agreement.

BUILDING SECURITY

Physical access to the JHL Digital Direct facility is granted only to those with proper authorization. Authorized employees enter our facility through a secured door access control system. Visitors gain entry through limited access points that are controlled, recorded and monitored. All visitors, including outside equipment vendors, are escorted at all times by JHL staff.

Our computer systems and file servers are located in a restricted area of our building that is accessible only by authorized members of our IT staff. Additional physical security measures for our computers and file servers include appropriate climate controls, offsite backups, and uninterruptible power supplies.

INFORMATION TECHNOLOGY SECURITY

JHL Digital Direct has extensive measures in place to ensure the security of data stored on our systems and networks. Central to this is a formal event monitoring program that monitors and logs all network security events. In the event of a security event the incident and the remedial action taken are reviewed immediately by senior management to determine if any additional action is needed.

Additional IT security measures include policies, procedures, and guidelines for securing, maintaining, and monitoring systems and platforms. These cover our core file systems, remote access to our core file systems, local area networks, wide area networks, routers, modems, security devices such as Cisco firewalls, and portable devices, such as laptops.

All devices accessing our systems are password protected. Users are assigned permissions only for those systems specifically required for the duties they perform.

Our senior management team regularly reviews our IT security policy to ensure it provides maximum protection for our company and our clients.

RECORDS MANAGEMENT

JHL Digital Direct has policies and procedures in place to manage the retention of physical and electronic records. At the request of the client their data may be securely erased at the conclusion of processing. We do maintain tracking information per the requirements of the USPS.

INSURANCE INFORMATION

JHL Digital Direct maintains appropriate amounts of commercial and general liability insurance, and professional liability insurance. Policy DEC pages are available for review upon request.

HIPAA COMPLIANT

JHL Digital Direct complies with the privacy standards of the Health Insurance Portability and Accountability Act (HIPAA) to protect patients’ medical records and health information provided to health plans and health care providers.

Updated: July 2024

Hippa Compliant

Copyright by JHL Digital Direct. All rights reserved.

Copyright by JHL Digital Direct. All rights reserved.