Global Communications Compliance
Global Communications Compliance
At AVOXI we understand how important it is to provide customers with peace of mind knowing their information is secure. Our cloud communications platform maintains the most up to date and reliable technology available to ensure your organization's data is protected and we adhere to global privacy regulations and security standards.
PCI Compliance
With call recording software and payment collection services, your business may be accessing and processing sensitive customer information. Your customers are trusting you to keep their addresses, credit cards, account details, and emails safe from malicious activity.
Continuing to build out our reliable and secure network, we've adjusted the security control setting to maintain PCI-DSS v. 3.2.1 compliance. AVOXI has implemented:
Session Timeout
Safeguard access to AVOXI when a team member steps away by configuring your teams' inactivity timeouts.
Password Controls
Set password standards for your business with password rotation, minimum password age and reuse limit.
Failed Login Lockout
Bad Login lockout can be activated to mitigate risk and better protect your customers' personal identification details.
PCI Compliance
With call recording software and payment collection services, your business may be accessing and processing sensitive customer information. Your customers are trusting you to keep their addresses, credit cards, account details, and emails safe from malicious activity.
Continuing to build out our reliable and secure network, we've adjusted the security control setting to maintain PCI-DSS v. 3.2.1 compliance. AVOXI has implemented:
Session Timeout
Safeguard access to AVOXI when a team member steps away by configuring your teams' inactivity timeouts.
Password Controls
Set password standards for your business with password rotation, minimum password age and reuse limit.
Failed Login Lockout
Bad Login lockout can be activated to mitigate risk and better protect your customers' personal identification details.
HIPAA Compliance
The Health Insurance Portability and Accountability Act, also known as HIPAA, is a US federal law that protects sensitive patient health information ("PHI") from being disclosed without the patient's consent or knowledge. Companies that handle any form of PHI must ensure the necessary security protocols are in place and being followed.
Business Associate Agreement
If you are a Covered Entity and if AVOXI will handle or process e-PHI, then AVOXI will provide a HIPAA-compliant business associate agreement ("BAA") at the start of the service.
External Storage Solutions
For those customers utilizing our unlimited call recording, AVOXI now provides a HIPAA compliant way to store and access these recordings. External storage solutions help support compliance and provide peace of mind to those responsible for handling personally identifiable health information. Call recordings containing PHI can be externally stored and managed directly on your own secure server. This flexible solution is currently available for those customers using Amazon Web Services (AWS).
STIR/SHAKEN
STIR/SHAKEN is a security standard designed to reduce the growing numbers of robocalls made to US & Canadian citizens. The acronym stands for Secure Telephony Identity Revisited (STIR) and Signature-based Handling of Asserted information using toKENs (SHAKEN). Per the FCC, STIR/SHAKEN is a mandated security standard for all calls delivered to recipients in the US & Canada.
AVOXI is compliant with FCC requirements relating to STIR/SHAKEN. If your calls are terminated by AVOXI, there is no action required on your end. Calls originating from AVOXI are protected from being blocked by downstream carriers as long as they do not violate the CLI mandates.
Robocall Mitigation Program
AVOXI is registered in the FCC's Robocall Mitigation Database and has implemented and Robocall Mitigation Program. We respond to all traceback requests from the Commission, law enforcement, and the registered traceback consortium and cooperate with such entities in investigating and stopping any illegal robocallers that use our service to originate calls.
Data Privacy
GDPR
The General Data Protection Regulation (GDPR) aims to create consistent protection of consumers and the personal data of all individuals within the European Union (EU) and the European Economic Area (EEA). It standardizes data protection law across all 28 EU countries, removing the need for each state to write its own data protection laws.
 |
Privacy ShieldAVOXI complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries and Switzerland to the United States, respectively. AVOXI has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, accountability, for onward transfer, security, data integrity, and purpose limitation, access, and recourse, enforcement, and liability. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view AVOXI certification, please visit https://www.privacyshield.gov |
POPIA
The Protection of Personal Information Act (POPIA) of South Africa aims to promote the protection of personal information ("PI") processed by public and private bodies, to introduce certain conditions so as to establish minimum requirements for the processing of personal information, to provide for the rights of persons regarding unsolicited electronic communications and automated decision making, to regulate the flow of personal information across the borders of the Republic and to provide for matters connected therewith.
 |
|
CCPA
The CCPA is California's newest privacy law aimed at enhancing consumer privacy rights for residents of California, United States. The law became effective and fully enforceable from July 1st, 2020. CCPA puts in place new requirements for processing personally identifiable information, and grants Consumers additional rights, therefore, it will likely have a significant impact on both business processes and overall liability.
 |
|
The General Data Protection Regulation (GDPR) aims to create consistent protection of consumers and the personal data of all individuals within the European Union (EU) and the European Economic Area (EEA). It standardizes data protection law across all 28 EU countries, removing the need for each state to write its own data protection laws.
Privacy Shield
AVOXI complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries and Switzerland to the United States, respectively. AVOXI has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, accountability, for onward transfer, security, data integrity, and purpose limitation, access, and recourse, enforcement, and liability. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view AVOXI certification, please visit https://www.privacyshield.gov