Preserving brand reputation across your field communications
Mitigate risks
- Reduce the risk of unsanctioned communication before it happens
- Train your field to do it the right way
- Establish preventive control measures by setting filters for phrases and words
- Streamline audits and prevent reputation risks by establishing clear controls with FieldCheck
Ensure compliance
across every touchpoint
FieldWatch – by MomoFactor
Web and Brand Violations Monitoring
✔️ Find policy violations wherever they occur online
✔️ Eliminate the tedium of manual search & case management
✔️ Resolve risky posts before regulators find them
FieldCheck
Consultant Communications Compliance
✔️ Set filters for non-compliant phrases, words and terms
✔️ Pre-screen consultant communications before they are sent out
✔️ Identify and educate consultants
Increase compliance with field-wide adoption
SOC 2 Type-1 & 2 Certification in Progress
Penny AI is in the process of completing SOC 2 Type-1 & 2 certifications, including an audit performed by qualified evaluators from an independent third-party auditing firm.
What is a SOC2 report and why is it important?
Service Organization Controls (SOC) is a detailed level of controls-based assurance covering five Trust Services Criteria (security, confidentiality, integrity, availability and privacy). It ensures service providers securely manage the retrieval, storage, processing and transfer of data to protect the interests of both the client’s organization and privacy of their customers.
What Compliance Controls are included in SOC2?
Security
To ensure protection against unauthorized access, internal controls need to mitigate the potential abuse or misuse of the platform, theft or the unauthorized removal of data, and disclosure of personal information.
Confidentiality
To ensure the restriction of confidential data, internal controls need to define security and data protection procedures.
Processing Integrity
To assure the intended purpose of a platform is achieved, internal controls need to monitor data processing and quality assurance procedures. The purpose focuses on processing the right data at the right time.
Availability
To control the access to a platform as per the contract and/or service level agreement with customers (specifically regarding the minimum acceptable level of performance), internal controls need to monitor performance and availability.
Privacy
To control the collection and use of personal information, internal controls need to support the protection of personal information from unauthorized access.
How is Penny AI addressing the Compliance Controls?
Operational processes
We continue to review and adapt our internal processes to further mitigate any privacy risk.
Policies procedures and guidelines
We take technical, contractual, administrative, and physical security steps designed to protect Personal Information provided to Penny. We document and reinforce data protection in how we conduct our business.
Third-party risk management
We continually review vendors and integration partners’ security policies and procedures.
Data retention
We have implemented procedures designed to limit the dissemination of Personal Information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
Data residency
Penny App stores its data on servers located in the United States and Ireland. Penny relies heavily on Amazon Web Services (http://aws.amazon.com) for most of our infrastructure. Other companies which utilize this infrastructure include FDA, Netflix, Adobe, Suncorp and Dow Jones.
Terms & Conditions
We review our Terms and Conditions on a regular basis, providing access to the documentation on our website.
Platform development
We’re adding more features to provide our customers with more flexibility in data management.
Data breach notifications
We have developed and follow Penny AI incident response policies.