Take 44 / NextAgency Help Center home page
  • Tour
  • Components
    • Agency Management
    • CRM
    • Marketing & Communications
    • Commission Tracking
    • API
    • NextMarket
  • NextConcierge
  • Pricing
  • FAQ
  • Login
  • Start Free Trial
  • Get Demo
  1. Take 44 / NextAgency
  2. FAQ
  3. Data Protection

Data Protection

Follow New articles New articles and comments
  • Where can I find NextAgency’s Privacy Policy?
  • What encryption does NextAgency use?
  • Can I access the financial data of my clients and their employees?
  • Can NextAgency personnel access financial information of my client’s employees?
  • Will you communicate directly with my clients?
  • What can NextAgency use client data for?
  • Who owns my client data?
  • Is NextAgency HIPAA compliant?
  • How do you protect data from hackers?

Data Protection

Follow New articles New articles and comments
  • Just click on the Privacy Policy link in the footer of any page on this web site.
  • We encrypt user’s data—from login to logout—with one of the highest encryption standards available, including 256-bit SSL encryption (the same technology that banks use to keep your account information safe). Our in-house security team regularly reviews every security aspect of NextAgency. We also keep a real-time audit log of all data access and changes made by administrators, employers, brokers’ employees and our automated system. We also use outside parties to test our security and report to us any vulnerabilities they discover. We act quickly to address their findings.
  • No, unless they explicitly give you this access. Information your clients enter into NextHR such as their employee’s banking information is private. We know some of our competitors allow you and your staff to access this information, but we think this creates a serious liability for you. In the event of a data breach at your office you’ll need to justify the need for you and your staff to access your clients’ sensitive data. The authorities may not look kindly on your privacy practices if your clients don’t know you have access to this kind of information. That’s why we allow your clients to provide you access (by creating an account for you on their NextHR installation), but they have to make the decision to do so.
  • Our Customer Service personnel see only encrypted or masked versions of private data (e.g., only the last four digits of a social security number or the last five digits of a credit card number). Even our software developers cannot access unencrypted versions of social security numbers, credit cards, bank account information, and the like. Our IT engineers may be able to access this information, but only when required and subject to strict limitations and logging requirements. If you or your clients voluntarily sign-up for our optional concierge onboarding service, our concierges may access sensitive data. This service uploads employee information (including benefits and payroll data) into the system. All of our concierge teams are based in the United States and subject to U.S. laws and regulations. Please see our Privacy Policy for more information on how, when and why we access sensitive data.
  • We will not send marketing messages to your clients without your permission. The only direct communication we have with your clients concerns the NextAgency platform. For example, we’ll provide them with information they need to use of the platform, let them know when maintenance is being done, and make them aware of NextAgency enhancements.
  • We use the data to make NextAgency useful to you and your clients. We allow those users with appropriate permission to view client data, print reports and the like.
  • You and your client do, not us. You give us permission to use the data to provide services, but you retain all ownership of it.
  • Yes. As part of the sign-up process you and your clients will sign a business associate agreement with us. We then limit access to unencrypted versions of this information to only those needing such access. Of course, our ability to protect PHI is limited to protecting the information on our service. Once it is transferred or made available to you, your agency, your clients or authorized third-parties you or they are responsible for protecting your clients’ PHI.
  • We can’t guarantee that information during electronic or email transmission or digital storage mechanism can never be hacked, but we take our responsibility to protect the data you and your clients entrust to us very seriously. When you or your clients enter sensitive information (such as sign-in credentials) our security protocols kick in. We adhere to among the highest available encryption standards, 256-bit SSL encryption. Data is transferred with high-grade TLS and multi-layered encryption at rest with AES-128. Encryption keys are stored separately from your data. Our employee’s access to sensitive data requires multiple authentications and is restricted to a limited number of authorized personnel performing specific tasks for our customers. When our personnel do not need access to critical data the information is either fully-or-partially redacted. For example, customer service reps will be presented with only the last four digits of an employee’s social security number whenever feasible.

NextAgency

Components

Agency Management

CRM

Marketing & Communications

Commission Tracking

API

NextMarket

Resources

Help Desk

NAHU

Security

Tour

Shop

Pricing

Find a Distributor

Receive Updates

Sign Up Now

Company

About

Contact

Blog

Become a Distributor

Follow Us:

Our Privacy

Copyright 2020 Take 44, Inc.

Terms & Conditions