How does Optimize ensure that client information is protected?

Safeguarding Client Information

This article provides a detailed overview of Optimize's efforts to enhance client data security and privacy through annual assessments of service providers, emphasizing the importance of evaluating protocols for data management, cybersecurity, and privacy. Additionally, Optimize seeks non-disclosure agreements with service providers, configures role-based access controls for employees, implements physical safeguards and performs internal testing to identify potential vulnerabilities.

Enhancing Data Security Through Rigorous Annual Assessments of Service Providers

Optimize diligently evaluates and oversees the data management and security protocols of its service providers. We assess all of our service providers on an annual basis which includes reviewing their protocols for data management, cybersecurity, business continuity and privacy.

These assessments are part of Optimize's overall risk management and compliance framework, and are intended to confirm that every outsourced service is managed effectively and aligned with Optimize's objectives. The assessment covers the following areas:

Risk Management:
  • Assessing the risks of outsourcing a given service. This includes evaluating the service provider's information security measures and operational capabilities, and whether they are sufficient to mitigate the risks identified.

Data Protection and Privacy:
  • Confirming that the service provider has adequate data protection and privacy measures in place, which matters most where the provider handles sensitive client information. The assessment reviews the provider's data security policies and the practices that back them.

Contractual Obligations:
  • Reviewing the contractual agreements with the service provider to confirm that all terms are being met and that the agreements include confidentiality provisions.

Business Continuity and Disaster Recovery:
  • Reviewing the service provider's business continuity and disaster recovery plans to confirm that it can maintain operations during a disruption and that client information remains protected, from a privacy standpoint, while the disruption is being handled.

SOC 2 Security Framework

To uphold high standards of data security and privacy, we select, on a best-efforts basis, service providers that have been audited against the SOC 2 framework. A SOC 2 report is an independent auditor's attestation that the provider has designed (Type 1) or designed and operated over a review period (Type 2) controls that safeguard client data. Providers that maintain SOC 2 reports undergo regular audits to verify that their systems and processes continue to meet the SOC 2 criteria. Reviewing these reports lets us protect sensitive information and gives our clients a verifiable basis for trusting that our service providers meet our security and privacy expectations.

As an example, Optimize's CRM, HubSpot, undergoes SOC 2 Type 2 and SOC 3 audits annually to attest to the controls it has in place governing the security, availability and confidentiality of customer data and the HubSpot products. These controls map to the Trust Services Criteria (formerly called Trust Services Principles) established by the American Institute of Certified Public Accountants (AICPA). TRUSTe also attests that HubSpot's privacy practices are consistent with regulatory expectations and standards for privacy accountability; companies that display the TRUSTe Certified Privacy seal have demonstrated that their privacy policies and practices meet the TRUSTe Enterprise Privacy & Data Governance Practices Assessment Criteria.

Importance of Non-Disclosure Agreements in Ensuring Client Data Confidentiality

Another critical aspect of safeguarding client data is seeking Non-Disclosure Agreements (NDAs) with our service providers. An NDA sets out clear requirements for maintaining the confidentiality of client information and makes the provider legally bound to meet them, rather than relying on the provider's goodwill alone. This contractual layer complements the technical controls described elsewhere in this article and gives our clients assurance that their sensitive information is handled with care and in confidence.

Role-Based Access Controls for Enhanced Data Security

We have controls in place to ensure that only authorized personnel can access electronic client information. This is achieved through role-based access control: user permissions are assigned to roles that reflect job responsibilities within the organization, and each employee is granted only the roles their duties require. Because access follows the role rather than the individual, an employee who does not need a given category of client data to do their job has no permission to reach it, which limits the impact of a compromised or misused account. This protects client data from unauthorized access, helps maintain its confidentiality and integrity, and reduces the risk of data breaches or unauthorized disclosures.
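As an added illustration of the deny-by-default role-based check described above (this is example code written for this article, not Optimize's own system; the role names, permission strings and sample users are assumptions made for illustration):

```python
"""Deny-by-default role-based access control (RBAC) check.

The roles, permissions and users below are hypothetical and exist only to
illustrate the technique; they are not Optimize's real role definitions.
"""
from __future__ import annotations

from dataclasses import dataclass

# Permission strings take the form "<action>:<resource type>".
# A role grants exactly the permissions listed here and nothing else.
ROLE_PERMISSIONS: dict[str, frozenset[str]] = {
    "advisor": frozenset({"read:client_profile", "read:account", "update:account"}),
    "operations": frozenset({"read:account", "update:account", "read:statement"}),
    "compliance": frozenset({"read:client_profile", "read:account",
                             "read:statement", "read:audit_log"}),
    "admin": frozenset({"manage:users", "read:audit_log"}),
}


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset[str]


@dataclass(frozen=True)
class AccessDecision:
    allowed: bool
    reason: str


# Every decision is recorded so denied attempts can be reviewed later.
audit_log: list[str] = []


def effective_permissions(user: User) -> frozenset[str]:
    """Union of the permissions granted by the user's known roles.

    A role that is not defined in ROLE_PERMISSIONS grants nothing, so a typo
    or a stale role name fails closed rather than open.
    """
    perms: set[str] = set()
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, frozenset())
    return frozenset(perms)


def check_access(user: User, action: str, resource_type: str) -> AccessDecision:
    """Return an AccessDecision for user performing action on resource_type.

    Access is denied unless at least one of the user's roles explicitly
    grants the required permission.
    """
    needed = f"{action}:{resource_type}"
    for role in sorted(user.roles):
        if needed in ROLE_PERMISSIONS.get(role, frozenset()):
            audit_log.append(f"ALLOW user={user.name} perm={needed} via role={role}")
            return AccessDecision(True, f"granted by role '{role}'")
    audit_log.append(f"DENY user={user.name} perm={needed}")
    return AccessDecision(False, "no assigned role grants this permission")


def roles_granting(permission: str) -> list[str]:
    """List the roles that grant a permission; useful when reviewing whether
    a sensitive permission is spread across more roles than it should be."""
    return sorted(role for role, perms in ROLE_PERMISSIONS.items() if permission in perms)


if __name__ == "__main__":
    # Constructed sample users for a quick demonstration.
    alice = User("alice", frozenset({"advisor"}))
    bob = User("bob", frozenset({"operations"}))
    print(check_access(alice, "read", "client_profile"))   # allowed
    print(check_access(bob, "read", "client_profile"))     # denied
    print(roles_granting("read:audit_log"))
    print("\n".join(audit_log))
```

The point of the example is the failure mode: an employee whose role does not cover a data category, or whose account carries an undefined role, is denied without any special-case code, and every denial is logged for review.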

Physical Safeguards to Protect Client Data

In addition to its digital security measures, Optimize applies physical safeguards to protect client data. These include locking cabinets that hold client records and locking workstations whenever employees step away from their desks, so that an unattended screen or an open drawer does not expose confidential client information to anyone who should not see it.

These practices work alongside our digital controls as part of the overall data protection strategy. Combining physical and digital safeguards gives Optimize a comprehensive approach to protecting client information and reduces the risk of data breaches or unauthorized disclosures.


Minimizing Data Collection

Optimize protects the security and privacy of client data not only through strict data management and security protocols but also by collecting only the information needed to manage clients' investment accounts. Holding less sensitive data reduces what could be exposed if a breach did occur.

We also follow data retention procedures so that client information is kept only for as long as it is needed. When a client leaves Optimize, we have procedures in place for securely deleting or archiving their data.

Use of Hardware Firewalls to Enhance Data Security

In addition to software-based security measures, Optimize uses hardware (physical) firewall appliances to protect client information. A hardware firewall sits at the boundary between the internal network and outside networks such as the internet, filtering traffic and blocking connections that are not explicitly permitted, so that systems holding sensitive data are not reachable by unauthorized parties. Used together with the other security measures described here, the firewall provides an additional layer of defence for client data.

Internal Testing

We place a strong emphasis on internal testing to identify and address potential vulnerabilities in our data management and security protocols. This testing checks that our systems and processes are current and effective in safeguarding client information. By proactively looking for weaknesses and fixing them before they can be exploited, we strengthen our defences and reduce the risk of data breaches or unauthorized access.

Data Encryption through Google Workspace

Optimize uses Google Workspace, which encrypts data both at rest and in transit. Data stored on Google's servers is encrypted so that the storage media alone do not reveal readable client information, and data moving between users and Google's servers is encrypted in transit so that it cannot be read if intercepted on the network.

In Google's data centers, data belonging to Google Workspace users is stored at rest in two types of systems:

  • Disks: used to write new data and to store and retrieve data in multiple replicated copies.

  • Backup media: Google also stores data on offline backup media to help ensure recovery from a catastrophic error or natural disaster at one of its data centers.

Data at rest is encrypted on both disks and backup media, but Google uses a distinct encryption approach for each system to mitigate the risks specific to it.

For more detail, refer to Google's documentation on Google Workspace encryption.