Archive One's security features for storing Personally Identifiable Information (PII)
What is Personally Identifiable Information (PII)?
Personally Identifiable Information (or simply Personal information) is defined by the National Privacy Commission as "any information whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual."
Simply put, PII is any data that has the potential to identify a specific person. This can be a person's name, address, social security number, or other identifying number or code, telephone number, and email address. This may also include a combination of data elements such as gender, race, birth date, geographic indicator, and other identifiers.
The following are some of Archive One’s features designed for the storage of Personally Identifiable Information (PII).
How Archive One Protects Personally Identifiable Information (PII)
Not all PII data are considered sensitive, however, data such as medical information, personally identifiable financial information, social security numbers, TIN, passports, and driver’s license numbers are all examples of sensitive PII. To distinguish sensitive PII, one of the factors that sets apart a sensitive PII from non-sensitive PII if a sensitive PII consists of information that could put an individual at risk if improperly shared or disclosed. When being stored or processed electronically, sensitive PII should be encrypted both at rest and in transit.
Binary Storage
Records are stored in binary format inside the database and cannot be opened from the file system. Archive One does NOT store records in the file system because elevated privileges will have access to the raw files and breaks security.
At Rest: Native Encryption
Supports encryption of fields or data associated with a document. Even users with escalated database privileges such as Database Administrators will not have access to the information.
In Transit: TLS and SSL
Supports encryption of data on database connections and network connections between clients and servers also browsers and servers.
Access Audit Logs
Logs are generated for all actions related to a record. This includes check-ins, check-outs, previews, downloads, and other important events.
In Transit: TLS and SSL
Supports encryption of data on database connections and network connections between clients and servers also browsers and servers.
IP Filters
The Archive One private cloud setup supports IP filtering. This means that only traffic from specific IP addresses will be allowed to connect to it.
This is great for restricted cloud deployments only specific offices can connect to it.
Authentication with One Time Passwords
One-time passwords are a great way to ensure identity. Codes are sent to a user’s mobile phone.
The codes have a 5-minute expiry for added protection. This is a great way to enjoy the benefits
of a cloud setup but has the restrictions of an Intranet.
Protecting Personal Information with Archive One
As a general course of business, companies have documents stored in their system containing Sensitive Personal Information. They are required to store these documents in a responsible manner to protect the data it contains. Archive One allows compliance with different privacy standards and reduces the risk of a data breach.
Archive One is a document management system (DMS) designed to help companies easily classify, store, secure, and retrieve essential company documents that are needed for retention and audits. With our partners' help, we provide an end-to-end document management solution from scanning to document storage at a highly competitive price.