Keeping Your Data Safe with HIPAA and SOC 2

Security Is a Top Priority at Johnson & Quin







Security and privacy are top concerns for all types of businesses due to security breaches at major companies in the United States and around the world, as well as the implementation of an increasing number of privacy regulations. How do we keep sensitive information safe from hackers who are persistently working to infiltrate computer networks to steal identities, social media accounts, financial, health and other valuable personal information? This private data is at a much higher risk of being compromised with millions of us now working from home. Mail service providers like J&Q must be able to prove that data, both their own and their clients’ information, is secure.

At J&Q we produce personalized direct mail, promoting our clients’ products and services. That entails handling a lot of sensitive personal data – hundreds of millions of records every year! We do this by ensuring the data is handled only by authorized staff and kept safe from prying eyes. Because security is so key to our clients, Manish Haria, J&Q’s VP, CISO (Chief Information Security Officer) and CIO (Chief Information Officer), is continually evaluating and updating our security program.


“J&Q has achieved the HIPAA Security Compliance Assessment which certifies our high level of security and ability to produce healthcare direct mail programs.”


Most recently, J&Q successfully achieved the HIPAA Security Compliance Assessment and completed our third annual System and Organizational Controls (SOC) 2 Type 2 examination. Our recent press release provides information on both certifications.

The HIPAA security compliance assessment ensures that J&Q follows appropriate procedures for storing, processing, and handling protected health information (PHI). PHI is any information about health status, provision of health care, or payment for health care that can be linked to an individual. The assessment was performed by a professional and independent third-party audit firm using the AICPA Trust Services Criteria for Security, as well as applicable HIPAA privacy, security, and breach notification rules. The audit included an analysis of our information technology (IT) processes and infrastructure, controls, policies, and procedures that maintain the confidentiality of client data used for their direct mail programs.

J&Q works with a variety of industries including financial services, insurance, retail, and others. With HIPAA certification, we can confidently manage the data and production of healthcare promotional and communication marketing programs for health-related businesses including healthcare providers, hospital systems and insurance companies.

The SOC 2 report provides detailed information and assurance regarding the security of systems used to process customer data. The SOC 2 Type 2 audit verifies that our security processes are consistent, ongoing, and sustainable, which is key to ensuring the security of our clients’ data and information throughout the year. Security is not just an event but a part of the J&Q company culture at all levels.

Bottom line – With over 40 years in direct mail printing, J&Q’s processes, procedures, and controls support our direct mail services and are designed and implemented to address the safeguards required for healthcare, financial and other industry mailings. J&Q’s clients can be confident in the controls we have in place to keep their information and data safe as we process and produce their direct mail programs.
