Privacy & Cybersecurity


Ensuring round the clock security of Fund and Participant data

Our Top Priority - The Families We Serve

 

As a result, we invest annually in state-of-the-art information protection technologies and operating processes to meet ongoing regulatory and compliance objectives, to protect our clients’ data. Our industry-leading investment in emerging technology and robust cybersecurity programs stems from a passion to see our clients succeed.
 

Cybersecurity:

  • Program based upon the Department of Commerce, National Institute of Standards and Technology (NIST) directives and guidance
  • Formally documented and practiced
  • Risk assessments conducted in real time, internally, externally and between interconnected hybrid relationships
  • Vulnerability management occurs in real time, with third-party annual audit of security controls
  • Workforce cybersecurity awareness training conducted annually
  • Simulated phishing campaigns are conducted throughout the year on a reoccuring basis
  • Program administered by a full-time, certified cybersecurity team, with real-time and automated incident response capabilities
  • Third-party SOC Audits are conducted annually
  • Comprehensive Records Retention and Destruction Policy

Oversight of HIPAA Compliance


We maintain policies and procedures consistent with HIPAA as amended by HITECH 164.308(a)(1)(ii)(A), SOC1, ISO 27001 and NIST 800-66; governing information Security and Privacy.
 

Internal Compliance Team:

Compliance & Privacy Officer: 
Patricia Kuchenreuther, AIRC (Associate, Insurance Regulatory Compliance) CHP (Certified HIPAA Professional)

Chief Information Security Officer: 
Randall Zigabarra CISA – (Certified Information Systems Auditor), CISM – (Certified Information Security Manager), CISSP – (Certified Information Systems Security Professional)


Principal industry groups driving our HIPAA Security and Audit compliance:

  • The International Information System Security Certification Consortium (ISC)²
  • The Information Systems Audit and Control Association (ISACA)
  • The National Institute of Standards and Technology
 

Principal industry groups we belong to:

  • Society of Professional Benefit Administrators (SPBA)
  • International Foundation of Employee Benefit Plans (IFEBP)

Disaster Recovery and Business Continuity


The continuation of our services following a disaster or service disruption is critical to the success of both the company and, more importantly, the service delivery for our client Trusts. Business Continuity Planning with integrated Disaster Recovery Planning is maintained and administered by the Chief Information Security Officer.
 

Offsite Backup and Redundant Recovery Capabilities:

  • Documented Business Continuity and Disaster Recovery Plan Programs
  • Multiple full backups ensure no data is lost
  • Annual and Adhoc exercises are conducted to affirm redundant capabilities
  • All data is also stored offsite to ensure data can easily be restored in the event of a disaster

 


Zenith American Solutions' dedicated resources ensure the highest level of attention to compliance with regulatory requirements and preparedness when it comes to privacy, security and disaster recovery.


 

Contact to Learn More


Call anytime to learn how Zenith American Solutions can mitigate risks and protect your Trust Fund
 


Thomas Sciuto
Executive Vice President
Chief Growth Officer

Connect on LinkedIn

P: 203 383 0801


Bonnie Payson
Sr. Vice President
Business Development

P: 702 460 4134


David Dion
Vice President
Business Development

Connect on LinkedIn

P: 480 489 3164

Subscribe to Our Blog - BenefitTalk


Our national reach and breadth of services, supported by our many leading accredited industry experts, allows us to be well educated on recent industry news, updates, regulatory changes, trends, and best practices. To support our ongoing commitment to our clients, we offer these tidbits of helpful information and industry insight through our blog and you have the option to sign up to receive each new update, Benefit Talk.

 


 

Submit a Request For a Proposal

 

Submit a request for additional information by filling out the form, CLICK HERE.