In today’s data-driven world, data security and the protection of sensitive information is important to both individuals and organisations.
At QRMC, we give careful consideration to the security and confidentiality of data entrusted to us by our clients.
The conditions of employment for our staff include obligations to ensure the confidentiality of client information, both during and after the term of employment.
QRMC’s personnel working on specific client projects execute formal confidentiality agreements when required.
QRMC has established, implemented and maintains a document and data control procedure to ensure that information provided by clients is readily identifiable, safely stored, and easily retrievable.
Security and Backup
QRMC uses a cloud-based data storage and sharing product to provide real-time and off-site back up of all data. Reinstatement of key data can occur where required within a short timeframe, to ensure continuity of client services.
Data security mechanisms used by the our cloud-based provider include industry best practice encryption standards:
- 256-bit SSL (Secure Sockets Layer) encryption for data in transit between local storage and cloud storage
- AES-256 data encryption whilst data remains on the provider’s servers
Regular stress-tests are undertaken by the cloud storage provider of its data security systems to prepare for and counter potential cyber threats.
Whilst QRMC relies on the best available information to select and maintain best-practice data security standards, regular interface with the online world and the use of a cloud-based data storage and sharing product can present risks.
For clients concerned about the security of especially sensitive data, QRMC offers the following controls on request:
- Local encryption of data before transmission to cloud storage (meaning that if the cloud provider’s encryption keys are compromised, the data is still protected by another layer of encryption which is locally controlled)
- Offline storage with multi-site backup