Certifications and Compliance
Cloud Security Compliance
To ensure that your personal and financial information is securely managed, Melissa has received a number of certifications.
Melissa takes data protection, data security, and legal compliance very seriously. That is why Melissa continuously undertakes independent security reviews. These certifications emphasise Melissa's commitment to safety and quality.
General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) is an EU regulation on data protection and privacy protection for all persons within the European Union (EU) and the European Economic Area (EEA). The GDPR aims primarily to give individuals control over their personal data and to process them
uniformly - within the European Union.
We process your data in accordance with the GDPR. For more information, please read our Data Protection & Privacy.
SOC 2 Type 1 and Type 2
SOC2 examinations are based on standards set forth by the American Institute of CPAs (AICPA). The process is widely recognised for establishing ethical and auditing practices for private companies, nonprofit organisations, and federal, state and local governments, and represents that a service organisation has been through an evaluation of their control activities as they relate to applicable Trust Services Principles and Criteria. Conducted in accordance with the group’s SOC reporting standards, Melissa’s audit was executed by SSAE 16 Professionals, LLP, one of the nation's leading CPA firms performing SOC2 examinations. Melissa has successfully obtained SOC 2 Type 1 and Type 2 certifications.
-
Type 1
SOC 2 Type 1, a report on management’s description of the service organisation’s system and the suitability of the design of the controls.
-
Type 2
SOC 2 Type 2, a report on management’s description of the service organisation’s system and the suitability of the design and operating effectiveness of the controls.
HIPAA, HITECH and HITRUST
Healthcare, providers, financial institutions, government agencies, and third-party data vendors dealing with PII are required to comply with all data security standards outlined in the Health Insurance Portability & Accountability Act (HIPAA) and meet the most stringent data security guidelines of HITECH. Melissa holds HIPAA and HITECH certification and is in the process of mapping all controls to the HITRUST standard.
International Postal Certification
Melissa’s international address verification solutions are able to parse, analyse, correct, and format addresses according to local postal standards to ensure your mail gets to the right address. Melissa holds Canada Post SERP®, Royal Mail, and EIRcode® certifications for address verification in Canada, the United Kingdom, and Ireland. Additionally, Melissa also holds USPS® CASS™/DPV®, UPSP PAVE™, USPS NCOALink® and Canada Post® NCOA certifications for the United States and Canada.