Security

HOTSCHEDULES STANDARDS REGARDING DATA PRIVACY & SECURITY

In an effort to demonstrate Red Book Connect (dba HotSchedules) standards with respect to customers’ data, we have produced this web page to help answer questions about our data privacy and security policies.HotSchedules endeavors to protect our customers’ data and subscribers’ personal information. We take a comprehensive approach through integration of controls across security and privacy both in operations and business processes. Our commitment to data privacy and security includes implementation of reasonable physical, administrative and technical safeguards designed to protect data from unauthorized access, use and disclosure.
Our integrated data privacy and information security strategy is designed to ensure our customers’ data is secure and confidential.

  1. PRIVACY

    Data privacy governance is identified within our Privacy Policy and covers our approach to meeting privacy requirements for our customers and their data, which is collected through the use of our services.The Privacy Policy provides in detail the approach we take to protect information.
    Key areas covered by the Privacy Policy are:

    1. Data protection and limited use

    2. Information we collect

    3. Information we share

    Data used within the HotSchedules service offerings is collected in various ways, including through registration into the service, data customers and subscribers provide to us and data collected in the service delivery process from customers and subscribers using the product.

    We generally do not seek to collect sensitive data types including, but not limited to credit card information, health related information or social security numbers, as these data types are not required in the operation of our services.

    We may use information derived from the data that we collect from all of our services to provide, maintain, protect, and improve our services as well as develop new services and features. All data utilized in this process goes through a de-identification process to ensure no attributes linking it to a specific person or customer remain.

    We use multiple virtual machines that allow us to scale the web tier horizontally.

  2. PRIVACY LAWS AND REGULATIONS

    When appropriate, we will establish new processes and enhance current processes to meet the compliance requirements with new privacy and security initiatives.

    Details of our Privacy Policy can be reviewed here: https://www.hotschedules.com/privacy-policy/

  3. SECURITY PRACTICES

    We approach security in multiple ways that include written policies and standards, employment practices, product development processes, operational and business processes as well as technology. We work to align our information security strategy with our product roadmap and service offerings.
    HotSchedules security program includes a comprehensive controls framework designed to provide oversight and control structure in a defense-in-depth program. This program includes but is not limited to security controls and operational and business processes within the following areas:

    1. Physical and logical security

    2. Risk management

    3. Access and identity management

    4. Information protection & classification

    5. Vulnerability management

    6. Incident response

    7. Configuration and change management

    8. Security education

Don't just dream of being awesome. Get a Demo