For more than 40 years, Herrmann has been a leading voice in the Learning & Development space for protecting the data privacy and security of the millions of our end-users -- who we refer to as Thinkers -- using our products around the world. We have always valued client data and have taken a strong stance on data security and privacy, including the view that only our end users should own their own personal data.
Today, our team is pleased to announce another significant milestone, the achievement of AICPA’s SOC 2 certification, which recognizes the data security excellence of the Herrmann technology platform that enables thousands of teams and organizations to create ongoing value from their cognitive diversity. The certification criteria is based on five rigorous “trust service principle” standards for managing customer data: security, availability, processing integrity, confidentiality and privacy.
Why is this important? As our society becomes ever more privacy conscious, Herrmann remains a step ahead in ensuring important protections. Unlike many companies who enable the use of low-validity assessment tools that can result in discriminatory hiring practices, or resell user account data for use in online advertising, Herrmann’s privacy standards ensure that only Thinkers and highly-trained Certified Practitioners can use Thinker data for specific, limited and consented purposes. Beyond the legal and ethical considerations, we believe that there are important validity considerations in play: Thinkers will only provide truthful cognitive data as inputs into their profile if they know and can trust what is being done with it. This helps the profiles we generate maintain our industry’s highest face validity -- that is, confidence from the end user that the profile accurately and validly reflects what is going on inside their mind.
In addition to these standards, our new platform architecture was built from the ground up with privacy in mind, so that new features like annotated profiles, sharing and teams can be used with the confidence that your data is secure. Database administrators can manage individual access permissions at a granular level, and our Client Advocacy Team members regularly review and assist in maintaining best-in-class data structures.
“Looking forward, we will continue to prioritize our Thinkers’ data privacy,” says Karim Nehdi, CEO of Herrmann. “The importance of trust in today’s world cannot be overstated. We help Thinkers build trust in one another, their teams, and their organization, and our strong voice on data privacy helps reinforce that trust.”
See prior related blog on Data Security and Herrmann: What You Need to Know About GDPR, Personal Info, and more