At ConnectiveRx, we understand the importance of protecting our customers' sensitive information and data. That's why we have implemented a comprehensive security program that adheres to the highest standards and best practices. Our program is built on frameworks such as NIST Cybersecurity Framework (CSF), SOC2, HIPPA, and PCI to ensure the highest level of security. We undergo third-party attestation audits annually for SOC2 (Type II audit for Security, Privacy, and Confidentiality), SOC1 (Type II), HIPAA, and PCI to provide additional assurance to our customers.
To provide even greater protection, ConnectiveRx has a dedicated Information Security Team, organized into several key areas for maximum effectiveness..
The Chief Information Security Officer (CISO) holds overall accountability for our Information Security program and is responsible for setting the strategic direction, managing security-related investments, leading technical functions, and informing the Executive Management Team on all security-related risks.
The Sr. Director of Information Security GRC oversees the Governance, Risk, and Compliance team, which ensures the maintenance of our security policies and procedures, conducts comprehensive documentation and testing of security controls, executes third-party attestation audits, and executes the Information Security risk management process, managing both internal and 3rd party risk.
The Manager of Information Security Operations leads the Information Security Operations team, which is responsible for the day-to-day management and monitoring of all Information Security-related platforms and controls, responding to security events escalated from the Security Operations Center, maintaining technical security platforms, and developing and executing security runbooks.