PFL

Hybrid experiences delivered at scale by PFL

PFLTrust Compliance

AIPCA-SOC logo

SOC 1 Type 1

PFL processes are audited against the SOC reporting framework by independent third-party auditors. The audit covers controls for data security, availability, processing integrity, and confidentiality as applicable to in-scope trust principles for each service.
PFL has achieved SOC 1 Type 2, and SOC 2 Type 2 reports. In general, the availability of SOC 1 and SOC 2 reports is restricted to customers who have signed nondisclosure agreements with PFL.
AIPCA-SOC logo

SOC 2 Type 2

PFL processes are audited against the SOC reporting framework by independent third-party auditors. The audit covers controls for data security, availability, processing integrity, and confidentiality as applicable to in-scope trust principles for each service.
PFL has achieved SOC 1 Type 2, and SOC 2 Type 2 reports. In general, the availability of SOC 1 and SOC 2 reports is restricted to customers who have signed nondisclosure agreements with PFL.
PCI logo

PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover, and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC).
HIPAA logo

HIPAA

The Health Insurance Portability & Accountability Act (HIPAA) regulations require that covered entities and their business associates enter into contracts to ensure that those business associates will adequately protect PHI. These contracts, or BAAs, clarify and limit how the business associate can handle PHI, and set forth each party’s adherence to the security and privacy provisions set forth in HIPAA and the HITECH Act.
Currently there is no official certification for HIPAA compliance. However, PFL’s HIPAA Compliance Program utilizes an automated and online HIPAA compliance and training solution for developing, administering, documenting and monitoring the program. The program methodology is based on National Institute of Standards and Technology (NIST) cyber security protocols endorsed by the Office for Civil Rights for compliance with the HIPAA Security Rule.
NIST- ogo The National Institute of Standards and Technology (NIST) framework was designed to be voluntary, the NIST has not formalized an accreditation process. However, PFL utilizes an accredited solution for developing, administering, documenting and monitoring PFL’s Cybersecurity processes.

Create Integrated, Orchestrated,
Impactful Experiences at Scale

PFL delivers authentic human experiences by orchestrating impactful direct mail in an ecosystem fueled by data. We bring the measurement, personalization, and predictability you expect from digital to direct mail. We have a proven track record of amplifying growth for some of the biggest brands in the world.

Book a Meeting

Copyright Ⓒ 1998 - 2022 PFL, Tech Inc. All Rights Reserved. Terms of Service Privacy Policy Trust

logo