IT Security and Compliance
At PeoplePath, we are fully committed to ensuring information security and compliance with global privacy regulations.
At PeoplePath, a comprehensive Information Security Management System (ISMS) governs the security controls we have in place to protect the information of our clients and their talents and users.
Since 2013, our ISMS has been certified and recertified according to the ISO 27001 standard. Download our latest certificate here. For our full ISMS information package:
- We operate in secure data centers only, Amazon Web Services in the US and EU, using firewalls, encryption, and other technologies to protect customer data.
- For disaster recovery, we operate separate backup locations.
- We perform third party reviews & audits of our Information Security Management System (ISMS) on an annual basis.
- Third party specialists perform annual penetration tests to identify and remedy potential technical vulnerabilities.
- We adhere to strict role segregation so that only PeoplePath employees who need to access your data are able to view it.
Data Protection and Privacy
Managing the data and rights of talents under global privacy regulations such as the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) is essential. Your customer success team will help you implement PeoplePath in a GDPR and CCPA compliant way, leveraging the following capabilities:
Rights & Roles
Privileges for viewing and editing profiles and content, as well as using features can be assigned and revoked individually. The assignment can be automated, e.g. based on profile criteria or user action and inaction.
Users have full control over which data they share with whom. Privacy settings can be adjusted in a user friendly way on the level of profile field sections. Additional privacy control layers are available for administrators.
PeoplePath provides a powerful workflow engine consisting of time or action based triggers, conditions, and actions that can be used to automate the compliance process.
PeoplePath allows talents to adjust their email preferences by type of communication or unsubscribe from all emails.
PeoplePath has a comprehensive consent management module that supports compliance with the control and transparency stipulations of GDPR and CCPA.
PeoplePath provides administrators with the ability to see and export the data stored for talents, allowing them to meet the right of individuals under GDPR to see what information is stored about them.
Let's get started!
Contact us today to learn more about how to engage your talent for life.