Security and compliance are cornerstones of API’s operational framework.
Every client of Absolute Performance is subject to one or more stringent compliance domains including, but not limited to:
- Payment Card Industry (PCI)
- Health Insurance Portability and Accountability Act (HIPAA and HITECH)
- Consumer Financial Protection Bureau (CFPB)
- Sarbanes Oxley (SOC)
- Statement on Standards for Attestation Engagements (SSAE16)
- Federal Information Security Management Act (FISMA)
Absolute Performance works closely with each client to help enable their specific interpretive needs for compliance ranging from encryption to security controls and access.
Whether it be consultative recommendations outside the bounds of our purview, or operating within an Absolute Performance SSAE16 audited infrastructure with fully encrypted access and files, Absolute Performance is there to help you achieve the critical success factors required for compliance.
Absolute Performance has been audited by Control Case LLC and found to be in compliance with requirements of PCI Data Security Standard Version 3.2 as per Report on Compliance issued on September 29, 2017. The PCI Data Security Standard isused by all major card brands as the common security standard for their compliance programs. Brands and programs include,
- VISA USA – (CISP – Cardholder Information Security Program)
- VISA International – (AIS – Account Information Security)
- MasterCard Worldwide – (SDP – Site Data Protection)
- American Express – (DSOP – Data Security Operating Policy)
- Discover Network – (DISC – Discover Information Security and Compliance)
- JCB – Fully supports the PCI DSS mandate