Certifications

 

PCI Security Standards Compliance

PCI Compliance SealThe Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive security standard that acts as a set of guidelines for merchants to ensure the protection of their customer’s sensitive card data. PCI DSS is equally helpful to ensure that other sensitive data, such as votes, are protected. Simply Voting’s servers are subjected to intense daily PCI Compliance scans by Trust Guard, which checks for over 66,956 vulnerabilities or security holes that hackers might use to compromise the voting website.

 

Confidentiality

TRUSTe Privacy CertificationSimply Voting takes secrecy of the vote very seriously. It is impossible for election organizers to determine what a particular voter has voted as the results are anonymous. All voter information is removed from our servers if you choose to have the election deleted. We never make use of voter information for anything other than voting and never share such information with third parties. Our privacy policy and voting system have been independently certified by TRUSTe for compliance with their Privacy Certification and Trusted Cloud requirements.

 

Accessibility

Bureau of Internet AccessibilitySimply Voting is committed to supporting electors with disabilities and making sure the ballot works with assistive technologies. Voting websites are audited against Section 508 and WCAG-2 accessibility requirements, and are assigned an “A” grade by the Bureau of Internet Accessibility which conducts comprehensive audits of our voting interface.

 

Skyhigh Enterprise-Ready Rating

Skyhigh Seal SmallSimply Voting received the highest CloudTrust Rating from Skyhigh Networks. Skyhigh performs objective and thorough evaluations of cloud services based on a detailed set of criteria developed in conjunction with the Cloud Security Alliance (CSA). Services designated as Skyhigh Enterprise-Ready fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.

 

SSAE 16 Certification

SSAE16 Seal SmallSimply Voting is SSAE 16 SOC 1 Type I certified. The SSAE 16 (formerly known as SAS 70) is a widely recognized auditing standard issued by the American Institute of Certified Public Accountants (AICPA). An auditor’s report details a service provider’s ability to offer adequate controls and safeguards when they host or process data belonging to their customers. The audit focuses heavily in the areas of compliance, security and access. It addresses important topics such as backup and recovery, computer operations, and human resources.

Our data center, RackForce, is similarly SSAE 16 SOC 1 Type II certified. Both Simply Voting and RackForce are also CSAE 3416 and ISAE 3402 certified; these are the Canadian and international equivalents to the SSAE 16. These certifications are an independent validation of the quality, integrity and reliability of Simply Voting’s infrastructure and services.

 

Insurance

Berkley Insurance CompanySimply Voting is insured with the Berkley Insurance Company. We maintain a $2,000,000 General Business insurance policy as well as a $2,000,000 Cyber Liability insurance policy which covers Errors & Omissions and Network Security & Privacy Breach. This helps protect your organization and your voters.