Privacy, Security, and Compliance

Security

Collaborative, Integrated Approach for Confidence and Peace of Mind

The financial services marketplace is characterized by increasingly sophisticated security breaches, heightened regulatory oversight and complex compliance requirements. That’s why Harland Clarke is committed to securing the confidential information that your financial institution and your account holders entrust to us.

Security is a core competency for us and our integrated approach, comprised of several critical elements, considers every point of potential risk. 

In-house Oversight, Visibility and Control

Careful oversight of our security function takes place in-house and is an integral part of both our corporate culture and our day-to-day business. Additionally, we have visibility and control over the entire supply chain in terms of data protection – from other Harland Clarke Holdings Corporation companies with which we collaborate, to every vendor we engage.

Documented Information Security Management Program

Our program combines physical and logical control measures and uses a risk-based, layered security model to provide end-to-end protection of confidential information. Controls are consistent with the comprehensive requirements defined in ISO/IEC 27002:2013, an information security standard published by the International Standards Organization. 

PCI Certification

Harland Clarke Card Services maintains Payment Card Industry Data Security Standard (PCI DSS) certification. Solutionary®, a third-party Qualified Security Assessor, conducts the periodic assessments required for this certification.

Audits and Assessments

As a critical security vendor, we understand the need to ensure compliance and regulatory requirements are met. Our external auditor performs both SOC1 and SOC2 Type 2 audits, and these reports are available to our clients upon request. We also conduct ongoing vulnerability assessment and penetration test scanning, and offer onsite reviews for clients who are required to validate our control frameworks.   

Annual Disaster Recovery Test

We conduct an annual assessment of critical systems recoverability throughout our facilities and maintain a disaster recovery plan. In addition, executive management annually reviews and makes critical updates to our corporate business continuity plan.

Integrated Security Strategy

Our collaborative approach links the four elements of security — physical security, information security, business continuity and compliance — to provide a greater understanding of the implications of security practices across our organization.     
                                                                                                                        
If you are an existing client, please contact your Harland Clarke account executive to receive compliance documentation.

 

All marks are the property of their respective owners.