your privacy, our priority

The company’s risk assessments are performed at least annually. As part of this process, threats and changes (regulatory and technological) to service commitments are identified and the risks are formally assessed. The risk assessment includes a consideration of the potential for fraud and how fraud may impact the achievement of objectives.

The company’s security commitments are communicated to customers in Master Service Agreement (MSA).

VeriFee ensures that all vendors and related third parties engaged in our operations adhere to the highest standards of confidentiality and privacy through comprehensive written agreements.

Key provisions in our third-party agreements include:

• Confidentiality Clauses: Require third parties to safeguard all sensitive information and prevent unauthorized disclosure.
• Privacy Commitments: Mandate compliance with VeriFee’s privacy standards and applicable regulatory requirements to protect customer data.
• Data Handling Protocols: Define clear expectations for the secure processing, storage, and transfer of data.
• Audit and Compliance: Allow for periodic reviews to ensure ongoing adherence to contractual obligations.

Maintaining trust, productivity, and security is a top priority. To ensure these standards are upheld, all employees are equipped with company-issued devices monitored by ActivTrak, a leading workforce analytics and monitoring platform.

This monitoring helps:

• Protect sensitive client and company data.
• Ensure compliance with security protocols.
• Foster a productive and focused work environment.

At VeriFee, safeguarding our systems and data is a cornerstone of our commitment to security. We deploy robust technology solutions to environments that are commonly targeted by malicious attacks. Our security protocols include:

• Comprehensive Coverage: Norton Antivirus is installed across all relevant systems, tailored to operate seamlessly within our Mac environment.
• Routine Updates: Security configurations are regularly updated to address emerging threats and ensure optimal protection.
• System Logging: All activities and updates are logged, providing transparency and enabling swift responses to any anomalies.

These measures reflect VeriFee’s proactive approach to maintaining a secure digital environment, ensuring the safety of both our operations and the sensitive information entrusted to us.

At VeriFee, trust and compliance are integral to our operations. To maintain these values, we conduct thorough background checks on all new employees using Checkr.com, a trusted leader in background screening services.

Our checks include:

• Verification of credentials and qualifications.
• Screening for compliance with Anti-Money Laundering (AML) standards, ensuring adherence to regulations and industry best practices.
• Mitigation of risks to protect our clients, partners, and operations.

Learn more about Checkr

Safeguarding sensitive information is a cornerstone of our operations. To uphold this commitment, all employees are required to sign a Confidentiality Agreement as part of the onboarding process.

This agreement ensures:

• Employees understand their responsibility to protect client, company, and proprietary information.
• Compliance with VeriFee’s stringent standards for confidentiality and data security.
• Alignment with industry best practices for ethical handling of sensitive information.

By formalizing this commitment during onboarding, VeriFee reinforces a culture of trust, integrity, and accountability from day one.

To ensure the secure and ethical management of sensitive information, VeriFee requires all employees and some vendors to acknowledge and adhere to a Data Handling Policy upon hire.

This policy outlines:

• Data Protection Standards: Guidelines for accessing, storing, and sharing client and company data securely.
• Compliance Requirements: Alignment with industry regulations and best practices for data privacy.
• Accountability Measures: Clear expectations for handling sensitive information and consequences for non-compliance.

By enforcing this policy, VeriFee maintains a high standard of data integrity and security, ensuring that all employees are equipped to handle information responsibly and protect our clients’ trust.

VeriFee employs a robust Mobile Device Management (MDM) system to centrally manage and secure all mobile devices supporting our services.

Key benefits of our MDM system include:

• Centralized Control: Enables secure configuration, monitoring, and management of all company-issued mobile devices.
• Data Protection: Ensures sensitive information is encrypted and safeguarded against unauthorized access.
• Compliance Assurance: Aligns device usage with company policies and industry regulations.
• Remote Management: Allows for quick action, such as wiping or locking devices in case of loss or theft.

By adhering to standardized privacy policies, we ensure that our client’s personal and financial information is treated with the utmost respect and confidentiality.

Read our Privacy Policy

We use cookies to enhance your browsing experience, understand how our website is used, and provide personalized content tailored to your interests. Cookies are small text files stored on your device that help us analyze website traffic, remember your preferences, and improve our services.

Read our Cookie Policy Here

We treat all information under non-disclosure terms, ensuring that your data is protected, and information is never shared or sold, or used by any third party. In addition, we also treat all staff as covered person(s) for any material nonpublic information, such as revenue, for Insider Trading Policies.

Read our Confidentiality and Insider Information Policy

The company’s datastores housing sensitive customer data operate on Amazon Web Services (AWS), ensuring that all data is encrypted when stored, a practice known as “encryption at rest.” AWS is renowned for its robust security measures, and you can find detailed insights into their data encryption practices in their documentation.

Read about AWS Encryption at Rest

Our Data Backup Policy establishes rigorous requirements for the backup and recovery of customer information to ensure data integrity and availability at all times.

Key elements include:

• Regular Backups: Customer data is backed up on a defined schedule to minimize the risk of data loss.
• Secure Storage: Backups are encrypted and stored in secure, redundant locations to protect against unauthorized access and physical damage.
• Recovery Protocols: Clear procedures are in place to ensure swift restoration of data in the event of a disruption.

VeriFee maintains formal procedures for the secure retention and disposal of customer data, ensuring compliance with industry regulations and best practices.

Key aspects of our policy include:

• Secure Data Storage: Customer data is stored using Box.com, a trusted industry leader renowned for its advanced security features and compliance with regulatory standards.
• Retention Guidelines: Data is retained for defined periods based on operational, legal, and regulatory requirements, ensuring accessibility while minimizing unnecessary storage.

Learn more about Box.com security and compliance practices 

The US Department of Health and Human Services (HSS.gov) has stated that credit card processing does not fall within the scope of HIPAA as no health record information is being stored – only card payment information and collecting payments is excluded explicitly from HIPAA mandates. No card holder, bank account, or other material information is shown on credit card processing statements.

See 45 CFR 164.502(e), 164.504(e), 164.532(d) and (e) 

Whether it’s an accidental mishap involving property damage or an unforeseen liability, our $2MM aggregate General Liability policy ensures peace of mind for both VeriFee and our stakeholders. With no deductible, we prioritize rapid and seamless resolution of potential claims.

Coverage Details:

• Policy Limits: $1MM per occurrence / $2MM general aggregate
• Deductible: No deductible for General Liability coverage
• What’s Covered:
  • Accidental damage to third-party property
  • Third-party bodily injury and related medical expenses
  • Personal injury, including libel or slander
  • Actions of employees and temporary staff
  • Defense costs and damages up to policy limits

Cyber threats are an ever-present risk in today’s digital age. Our Cyber Security coverage ensures VeriFee can respond to and recover from incidents such as cyberattacks, protecting both our business and our clients from financial and reputational harm.

Coverage Details:

• Policy Limits: $250,000 per claim / $250,000 aggregate
• Shared Limits: Cyber Liability and Digital Media coverage share the aggregate limit, ensuring comprehensive protection across cyber and media risks.
• What’s Covered:
  • Cyber Crime: Protects against financial and property losses from cyber deception, invoice manipulation, and funds transfer fraud. Examples include impersonation scams or hacked invoices misdirecting funds.
  • Terrorism Coverage: Provides protection against losses caused by certified acts of terrorism, as defined by the Terrorism Risk Insurance Act.

Our clients trust us to deliver expert advice and solutions. E&O Insurance provides a safety net for unforeseen professional oversights, ensuring that any potential claims do not disrupt our operations or compromise our client relationships.

Coverage Details:

• Per-Claim Limit: $500,000
• Aggregate Limit: $1,000,000 annually
• What’s Covered:
  • Claims arising from errors, omissions, or negligence in the professional services VeriFee provides.
  • Legal defense costs and settlements related to covered claims.