BBS Security Statement

Security Statement – BBS

Revised Feb 2021

View BBS Security Statement .pdf file

Policy Statement

This policy sets forth information security standards to the protection of client information at Broker Builder Solutions, LLC. Maintaining the confidentially and integrity of client information stored, processed, or transmitted at Broker Builder Solutions is a requirement of all personnel.
This policy applies to information in any format including electronic and hard copy.

The security policy ensures that:

    • Information will be protected against unauthorized access.
    • Confidentiality or information will be assured.
    • Integrity of information will be maintained.
    • Availability of Information for business processes will be maintained.
    • All actual or suspected information security breaches will be reported and thoroughly investigated.
    • Information security trainings are available for all employees.
    • Procedures exist to support the policy, including virus control measures, passwords, and continuity plans.

Physical Security/Data Storage

Customer data is stored in our primary offices located 1000 N. Main St. Suite 107, Fuquay Varina, NC. Access to our location is restricted 24 hours a day. Physical access control is provided to only those with key entry. The office is monitored with video surveillance. In case of a natural disaster, security also includes automated fire prevention and extinguishing systems. In addition, Broker Builder Solutions utilizes a HIPAA compliant version of Citrix ShareFile as a method of data storage. ShareFile is a cloud-based Software-as-a-Service (SaaS) solution that enables BBS to exchange confidential data securely.

Data Retention

Broker Builder Solutions stores retains all client data for 7 years.

Data Transport/Exchange

Broker Builder Solutions utilizes Secure File Transfer Protocols as established by BBS or provided to BBS from the carrier to ensure secure data exchange along with PGP (pretty good privacy) encryption when as needed/requested.

Electronic Security/Data Integrity

All systems used to retain client specific data are encrypted using Symantec’s Endpoint Encryption powered by PGP technology 11.1. All data stored outside of the Benefits Administration software is stored using one of the following.

➢ HIPPA compliant version of Microsoft Office 365 SharePoint where users are required to provide validation credentials to access client specific information.
➢ HIPPA compliant version of Citrix ShareFile where users are required to provide validation credentials to access client specific information.
➢ BBS Network- attached storage (NAS) data storage server connected to all BBS employees’ computers. This drive is stored in our physical office location at 1000 N. Main Street. Access is limited to only those with the server configured to their computer and if outside of the office available by cloud access where validation credentials are required to access.

1000 N. Main Street

Fuquay-Varina, NC 27526

833-281-9575 ext. 2