Data Governance Principles
Fundamentally, the eFORMz multichannel platform is a transactional-based system. It handles but does not ingest data. While eFORMz is capable of interacting with financial data, operational transaction data, business reference information and personally identifiable information in the course of a given implementation, with the authorized and informed consent of the end-user client, that information is never stored and consequently data can’t be stolen, deleted or unlawfully shared. As such, eFORMz doesn’t maintain a rigorous strategy for the protection of data, business continuity and data stewardship. All aspects of these and other data management processes, broadly referred to as data governance in corporate parlance, do not apply to eFORMz.
Data Protection Policy (Personally Identifiable Information)
The eFORMz multichannel platform doesn’t collect Personally Identifiable Information (PII). eFORMz processes but does not store PII. In the context of eFORMz operations, PII is used to build shipping labels. During the mapping process, the only data fields used are “ship from address”, “ship to address”, “customer name” and/or “customer phone”. Since eFORMz doesn’t store PII, the data cannot be shared. eFORMz is a transactional-based system, therefore data is only in memory during processing. Once processing is finished, the data is expunged from memory.
As for processing, our solutions are designed to be transactional in nature and do not typically maintain PII data at rest. For all persistence of data, we use encryption with data being passed to the server with HTTPS and trusted certificate validation to ensure all encryption-at-rest requirements are met.