About
At IWCO, we understand the challenges Chief Marketing Officers (CMOs) and business leaders face with evolving regulatory needs, changing markets, and data protection requirements.
That’s why IWCO goes beyond the baseline to deliver a best-in-class information security program, with considerations for clients in highly regulated industries like Finance, Healthcare, Insurance, and others.
Rest assured — your data is in secure hands. IWCO’s Information Security Program is independently audited multiple times annually.
We hold ISO 27001, PCI DSS v4.0, and HITRUST CSF r2 certifications, are SOC 2 compliant, and operate HIPAA/HITECH compliant facilities.
Our security practices may start with compliance, but IWCO also leverages a risk-based, defense-in-depth approach to Information Security that includes employee training, robust data protection policies, and integration of clients’ data security requirements into our processes.
IWCO has based its security practice on ISO 27001, PCI DSS (Payment Card Industry), and HITRUST (Health Information Trust Alliance) standards to promote the development of a corporate environment which safeguards the security, confidentiality, privacy, integrity, and availability of customer and company information.
We are independently certified to all three standards by a qualified third-party assessor. Additionally, IWCO undergoes annual SOC 2 Type II assessment and reporting for all 5 trust service criteria.
In order to achieve certification, we were required to meet or exceed established benchmarks relating to the physical facilities, information technology, and internal process controls of our data security system.
Our dedicated information security personnel are focused on the areas of governance, risk and compliance, internal audit, security incident response, training, and vulnerability management.
IWCO’s security program is fully supported by a Security Steering Committee, composed of members of senior leadership to ensure oversight and administration of the Information Security Management System (ISMS).
Staff certifications include CC, CISM, CISA, SSCP, Security+, and ISO 27001 Lead Auditor.
IWCO maintains a PCI DSS Level 1 certification
IWCO maintains a SOC2 Type II report, including all 5 applicable trust service criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy
IWCO maintains HITRUST r2 Certification, the most rigorous and comprehensive certification level
We’ve fostered a culture of security and recognize that it is a continuously evolving practice.
Security begins on the first day of employment, with new employees receiving security awareness and critical compliance training. Our internal security requirements are seamlessly integrated with those of our clients into our Employee Handbook, data security policies, and everyday procedures.
We continue to build security awareness into our company culture with ongoing communication across the organization to ensure everyone understands that security is part of everyone’s job, with discipline and diligence required at all times.
7951 Powers Boulevard
Chanhassen, MN 55317
Phone: (952) 474-0961
65 Steamboat Drive
Warminster, PA 18974
Phone: (215) 672-6900
100 Industrial Drive
Hamburg, PA 19526
Phone: (610) 562-1000
Contact us today to learn more about how we can deliver innovative, creative, and data-driven solutions that drive measurable results for your unique business.
