Skip to main content
Skip global navigation and go to main content

This Data Security Policy was last modified on October 20, 2021.

Data Security & Privacy

J. J. Keller Meets the Highest Standards for Data Protection

As J. J. Keller serves customers across North America – and uses advanced technologies to innovate leading-edge safety and compliance solutions – protecting customers’ data is part of every decision we make. Our rigorous combination of data protection systems, training, certifications and processes demonstrates our commitment to exceeding common safeguards.

Data Security Program

Systems

  • J. J. Keller requires multifactor authentication by all associates working remotely.
  • We also employ a third-party managed security service provider to maintain and run a Cloud SIEM. They provide 24/7 security event monitoring, response, and alerting.

Training

  • Every J. J. Keller associate participates in annual data security and privacy awareness training.
  • In addition, we conduct annual phishing training and monthly simulated phishing email exercises with 100% of our workforce. Anyone failing the phishing exercise receives immediate retraining. Results of monthly simulations are published on the company's intranet and are tied to the company's progressive discipline policy.

Certifications

  • J. J. Keller is certified to ISO 27001:2013 for our information security management system.
  • We annually obtain an SOC 2 Type II compliance report audited to the Security, Availability, and Confidentiality Trust Services Criteria by a nationally-recognized independent audit firm.
  • J. J. Keller complies with the Payment Card Industry Data Security Standards (PCI DSS) for securing cardholder data and is self-certified.

Processes

  • All J. J. Keller associates are required to sign a confidentiality agreement upon hire and annually thereafter through our Ethics Policy & Code of Conduct training.
  • Supply chain vendors are evaluated for security practices to ensure their practices meet the same level of rigor as J. J. Keller’s practices.
  • J. J. Keller performs an annual internal audit of our systems and processes with auditors possessing certifications including CISSP, CISA, CPA, PMP and PCIP.

Privacy Policy

At J. J. Keller, we do not sell advertising space in our electronic communications or sell or share customer data with third parties. The J. J. Keller Privacy Policy transparently describes how we may collect, use, share and protect information about our customers and their businesses. This includes access to webinfo@jjkeller.com for any questions about the policy.