Skip to content

Strict Adherence to Best Practices

Octacom understands the confidential nature of our clients’ records and takes extreme care to ensure our clients’ information and data is always secure.

Octacom’s production facilities adhere to rigorous physical and logistical security standards to ensure the protection of our clients’ proprietary and confidential data and documents. These include but are not limited to: 

  • Key internal control components of physical protection

  • Separation of duties

  • Delegation of authority

  • Control and limitation of access

  • Application of joint/common custody concepts

  • Password protection for sensitive data files

Octacom strictly follows industry-specific guidelines and policies in order to maintain the utmost in security and discretion in every sector.

SOC 2, Type II with HITRUST CSF

AICPA-SOC logoOctacom’s physical and information security is regularly tested, validated and audited. Octacom is a SOC 2, Type II audited organization and compliant with HITRUST Common Security Framework (CSF) security certification criteria. HITRUST’s CSF has been assembled by North America’s largest health care service organizations and is one of the most well-respected frameworks of its type.

Public Services and Procurement Canada Protected Level B

Government of Canada logoOctacom maintains Reliability Status to include Document Safeguarding Capability up to and including Protected Level B, issued by Public Services and Procurement Canada. This level of protection includes paper, digital processing and storage of health information, financial information and other forms of personal information.

Octacom is also an official Vendor of Record for both the Federal Government of Canada and the Ontario Provincial Government. 

PIPEDA and PHIPA Compliant

Office of the Privacy CommissionerOctacom is compliant with the Personal Information Protection and Electronics Documents Act and the Personal Health Information Protection Act. Octacom maintains designated privacy officers, written privacy policies and a staff privacy training program.

Canada Evidence Act Compliant

Octacom is compliant with the Canada Evidence Act as it pertains to authentication, best evidence and integrity. This level of compliance includes paper and digital processing and storage of legal, financial and health information.

AIIM Membership

AIIM Professional MemberOctacom’s team includes certified members of the Association of Information and Image Management, a globally respected industry organization providing education, research, best practices and certification in information management.

CHIMA and COACH CompliantScreen Shot 2021-11-25 at 8.36.17 AM

Octacom limited is a Canadian Health Information Management Association (CHIMA) and Canada's Health Informatics Association (COACH) compliant organization, working closely with a significant Screen Shot 2021-11-25 at 8.37.41 AMnumber of health care clients on their day forward health records digitization and long-term archiving needs through our Odiss Software.

Shredding ComplianceNAID AAA LogoPCI Logo

Octacom's shredding services comply with the following certifications:

  • NAID AAA rating
  • PCI Compliant
  • Level B Public Works Security Clearance