At Organizational Solutions Inc. the privacy and protection of personal information is of utmost importance to us and strong data security is key to your privacy.
We own our proprietary claims management system to manage the efficiency and efficacy of claims and manage to the highest levels of security and privacy.
Our internal system is called OSIncAMP (Absence Management Platform), and it is flexible and easy to use. OSI can customize the claims management environment and experience to align with the Client’s requirements within system parameters.
Among our advantages are:
OSI protects data integrity (and therefore, confidentially) with next-generation firewalls; by monitoring and logging all computer activities with secure authentication technology and with tightly regulated access to our online portals.
OSI’s entire information infrastructure is stored on secure servers, wholly-owned and managed by OSI, located within high-security Tier-4 data centres within Canada. Aside from email, which is located within the Microsoft Office 365 environment within the Canadian jurisdiction, all other information is stored on equipment that is wholly-owned by OSI and is located in Canada.
We have full control over the ability to adapt the claims management environment and experience for our clients, including any programming needed for employer-specific process requirements.
During the implementation stages, we will ensure that all data captured, all reporting requirements and all business-specific processes are built into the system.
All of OSI’s systems are incrementally backed up during the day, and all servers are fully imaged regularly. A single professional services company manages on-site and off-site copies of backups under contract to OSI, and all backups are protected from all unauthorized access. The maximum amount of risk exposure to unexpected data loss at OSI is less than 12 hours and less than five business hours. OSI’s physical infrastructure is intentionally designed to be under-utilized such that in the event of hardware failure, the remaining infrastructure remains more than capable of adopting and handling the load.
OSInc AMP can match our client’s work environment, and we can pre-fill information if a demographic file is made available. This is meant to reduce administration time. For example, the system will automatically populate the other employee fields when just an employee surname or employee number is entered.
The Demographic file contains basic employee information used to auto-fill claim forms during the claim submission process to OSI. The most common communication method for receiving demographic information from clients is via SFTP file transfer.
The SFTP system can send/receive claim files and/or employee demographic files from clients. Each client has their own account, which is logically separated from all other clients’ accounts within the file directory. Clients’ accounts are set to upload only – clients cannot download or modify the uploaded file. Each account can only access the associated upload folder. Files received through the SFTP server possess a minimum of PGP encryption. OSI’s preference is for clients’ connections to the SFTP server to be limited to coming in from a single known IP address and/or use of SSH fingerprints.
Upon receipt of a file from a client, the file is moved from the SFTP server, where the file is examined to ensure “it is what it is” and scanned for viruses and malware before being placed into a backup location. The file is subjected to various verification processes before being processed, during which OSI’s system consumes the file. Consumption includes updating and archiving employees as applicable within the client’s demographic database, and success/fail notifications.
Access to the demographic file is strictly limited to search only (for clients’ use), by authorized and permissions OSI user accounts and/or authorized and permissioned clients’ accounts (via the portal).
All modifications to client data are fully audited and logged for traceability purposes.
OSI maintains, enforces and monitors strict access-to-information and security policies for all staff. Staff have restricted access to information by only one of two methods: in-office access or a 2-Stage Authenticated Secure SSL VPN (Secure Sockets Layer Virtual Private Network).
This is the gold standard in end-to-end encryption and strictly protects data transmitted between all devices. This is modified, at a minimum, every two years. It can be set up and tailored to each user. For example, if a supervisor wants to see claims in their department, that ask would filter on the login to show only the information in their department; likewise, if an employee needed to log on and view their claim status.
OSI maintains, enforces and monitors strict access-to-information and security policies for clients and their employees. Access to information is tightly restricted to only information applicable to the individual client/customer and only accessible via a secure HTTPS portal (AMP), for which each customer has their own unique login and password.
OSI provides secure internet-based feedback to employees and employers during all stages of the claim process. Secure internet-based information is available to clients and their employees via the AMP Portal.