Data Security Policy
At Molecular Connections, we understand the importance of safeguarding your digital information and protecting your privacy. This Data Security Policy outlines the measures and guidelines we have implemented to ensure the security of your data from unauthorized access, disclosure, alteration, or destruction. We are committed to maintaining the confidentiality, integrity, and availability of your data throughout our business operations.
We are accredited with the ISO/IEC 27001:2013 Certification, an internationally recognized standard for information security management systems. This certification demonstrates our commitment to adhering to the highest level of data security requirements and best practices outlined in the ISO/IEC 27001:2013 standard. We have implemented a robust data security framework that encompasses the necessary controls, policies, and procedures to safeguard data from unauthorized access, disclosure, alteration, or destruction.
Confidentiality and Non-Disclosure
We prioritize the protection of sensitive information and adhere to strict non-disclosure practices. Under no circumstances do we disclose, sell, rent, or share data with unauthorized third parties unless required by law or with stakeholders explicit consent. Access to data is strictly limited to authorized personnel who require it for the sole purpose of carrying out their responsibilities. We maintain comprehensive confidentiality agreements with our employees, contractors, and vendors to ensure the utmost protection of data and uphold the highest standards of confidentiality.
Data Protection Measures
Access Control
We employ stringent access control mechanisms to ensure only authorized personnel have access to data shared or stored with us. User accounts are created for our employees, contractors, and vendors, with access privileges granted on a need-to-know basis. Strong authentication mechanisms, such as complex passwords and multi-factor authentication, are implemented to prevent unauthorized access.
Physical Security
Physical access to areas where your data is stored, processed, or transmitted is strictly controlled. We employ various security measures, including access control systems, video surveillance, and visitor management, to prevent unauthorized access to our premises and data centers.
Data Backup and Recovery
Scheduled data backups are performed regularly to ensure its availability and to protect against data loss. Backups are securely stored and periodically restored for accuracy and recoverability. In the event of a data loss incident, we have established procedures for restoring data to minimize disruption to business operations.
Employee Training and Awareness
We provide regular training and awareness programs to our employees to ensure they understand the importance of data security and their responsibilities in safeguarding data. This includes training on identifying and reporting potential security risks, adhering to data protection policies and procedures, and maintaining the highest level of professionalism and ethics.
Incident Response and Reporting
In the event of a data security incident or breach, we have a formal incident response plan in place to address the situation promptly and effectively. Our employees are trained to recognize and report security incidents, and we have established channels for reporting such incidents. Stakeholders will be notified promptly if there is a breach that could impact the confidentiality, integrity, or availability of their data.
Compliance with Laws and Regulations
We are committed to complying with all applicable data protection laws and regulations. Our data security program is regularly reviewed and updated to ensure alignment with legal and regulatory requirements. We strive to stay up to date with industry best practices and standards to continually improve the security of your data.
Data Protection Officer (DPO)
We have appointed a Data Protection Officer (DPO) to oversee our data protection efforts, ensure compliance with data protection laws, and act as a point of contact for data protection inquiries or concerns. You can reach out to our DPO at dpo@molecularconnections.com