Certifications & compliance
The security and accuracy of your data is our primary concern. We daydream about data preservation solutions as we ride the train home from work. At our kid's T-Ball games we cheer for Stacey but secretly take notes on data security. When we lie in bed at night we're just waiting to drift off into an encrypted dreamland. Data security and accuracy is ingrained in our day to day.
But we don't just dream it, we make our security dreams a reality. With our technology, we ensure that what you give to us is transmitted securely. Not only that, we guarantee that what we give back comes back fast, accurate, clean and secure. And knowing that your data is safe is enough to help us rest easy.
That is why we have worked hard to show that security is our top priority.
Smarty is:
USPS CASS™ certified
The Coding Accuracy Support System (CASS) enables the Postal Service to evaluate the accuracy of corrected and matched street addresses.
As a CASS-Certified™ provider, we meet the stringent requirements that the USPS has outlined. This ensures that your data will be cleaned, standardized and verified deliverable under virtually every circumstance. Our technology has been evaluated and certified in the following areas:
- 5-digit coding
- ZIP + 4/ delivery point (DP) coding
- Carrier route coding
- DPV® or DSF2®
- LACSLink®
- SuiteLink®
- eLOT®
- RDI™
Learn more about Smarty CASS™ certification here.
AICPA SOC2 certified
Developed by the American Institute of CPAs (AICPA), the SOC 2 system requirements defines criteria for managing customer data based on five trust services principles—security, availability, processing integrity, confidentiality and privacy.
We're so secure that our security systems have been audited, our employees have been background checked, and our software has been tested, all to ensure our SOC 2 system requirements. Not only that, our employees are also routinely trained in secure data management. Your data is safe with us. And if you'd like, a detailed 50 page report of our certification can even be provided to attest to the fact.
HIPAA compliant
HIPAA is the Federal Health Insurance Portability and Accountability Act of 1996. The intended goal of HIPAA is to "make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs."
Health care providers need to investigate potential partners to see how information is handled. For a fully HIPAA-compliant data solution, you can read more about our Enterprise data program. If you'd like, we are happy to enter into a service partnership to validate your addresses. This allows us to become "part of your organization" for this function only, legitimizing the process and remaining within the HIPAA requirements.
To further ensure data privacy, you may want to provide address-only lists. An important rule in data security is transmit only the minimum necessary information to achieve the desired outcome. On our end, there is no need to include customer names, phone numbers, social security numbers or anything else. All we need in order to validate an address is the address itself. You can remove all other information about the client—for example, use unique IDs instead of names—and we can still get the job done. You can learn more here: (Approach to Security document).
Updated: April 13, 2022