Security, Compliance and Confidentiality

We are dedicated to providing industry-leading security, confidentiality and regulatory compliance to our customers. CopyWrite Transcription and our partners comply with specialized regulatory requirements that our small, medium, and Fortune 500 customers must meet. As such, we are able to provide a compliant file transfer service to customers who must meet stringent data privacy and data security regulations.

Below is a list of Regulatory compliance and links to learn more

EU Safe Harbour
SAS 70
SSAE 16
PCI DSS
FIPS 140-2
HIPAA

Life Cycle Encryption Keys

  • Key Life Cycle – Best practice calls for rotation of encryption keys. Our encryptionTranscription Confidentiality process uses unique keys for every transfer and the keys are only valid for the life of the data (defined by the customer). Encryption keys are never re-used.
  • Key Storage – CopyWrite Transcription does not store encryption keys used to encrypt customer’s data. The keys are derived from multiple sources, but never stored.
  • Key Location – Each encryption key is derived from multiple unique data sources. These data sources for the life cycle keys are maintained in a completely separate data center from any files being transferred.