Customer Security Responsibilities

From time to time, we receive questions from our customers as to how Center Dynamics handles the protection and confidentiality of our customer's data. And part of the answer is that it is a team effort.

At a high level, Center Dynamics handles security of the Center IC application and its surrounding system and environment. We strive to ensure your system and environment and the Center IC application is compliant with relevant industry security standards. We have designed and implemented many security controls to protect your customer data at the macro level.  But to achieve optimal protection, we need our customer's help.

You (our customer) manage the information within your Center IC account.  You determine the Center IC system administrator(s) who control staff user account settings with options for granular permissions to access/create/delete and view your data.  When using our applications, you are responsible for ensuring your business is meeting your own compliance obligations. In this regard, we strongly recommend that you implement the following types of requirements (at a minimum) within your organization to enhance the overall security of your Center IC related systems and processes.

• A unique staff account should be created for each individual staff person
  • Staff account information (the Login ID & Password used to authenticate) should not be shared between staff
  • Center IC is designed to allow each staff person to privately create their own unique password
• If staff are terminated or become inactive, their Center IC staff account should be immediately deactivated by a system administrator
• System administrators should limit each staff person's permissions to the minimum requirements necessary based on their job role and organization policies
• Anti-Virus protection should be required and up-to-date on all staff devices
• Staff should have a basic understanding of how to recognize and avoid viruses and malware and other external hacking & phishing attempts
• Staff should only use company-owned/protected devices
• Staff should not download client files or sensitive client records or reports onto non-company devices
• Staff devices should be secured with lock screen, password, pass-code, or fingerprint technology, etc. to protect from lost or stolen device, inactivity, walking away (leaving the room) from an authenticated screen, etc. 
• Where feasible, devices should authenticate through the organization's VPN
• Staff should report any suspicious activity from the system/application to management (system administrators) and Center Dynamics immediately

Reporting responsibilities (notifying Center Dynamics)

If any privacy or security aspect of Center IC is under question, staff should immediately contact their system administrator(s) who should in turn contact Center Dynamics if they cannot resolve the question.  If the organization's system administrator is not available, staff should contact Center Dynamics support directly at support@centerdynamics.com.  If staff determine it is a critical or severe situation, they should annotate that in the email subject line and also call Center Dynamics staff immediately as well.  The Center IC application also has a built-in Feedback option that can be used to email system administrator(s) and/or Center Dynamics support.

Emails submitted to support@centerdynamics.com creates a case/ticket in our support queue and sends a notification email back to the sender.  The email has information on how the sender can review the resulting case's status. 

If an egregious issue occurs on a holiday or after normal business hours, staff should have access to the emergency contact number(s) for their system administrators who can contact Center Dynamics staff at our emergency phone numbers.

If the situation is determined to be a security related incident, Center Dynamics will elevate the priority of the case as appropriate and keep an open line of communication on the progress made until the resolution of the incident.