As a total IT solution provider, we understand the responsibility for compliance with internal and external policies. That is why we support our customers in being able to meet any compliance requirements and rely on industry-leading security solutions, external audits and certifications.
For companies, it is becoming increasingly difficult to meet all necessary certifications and governance requirements. With the ever-growing demands for compliance and data protection, this can pose a significant challenge. As your trusted partner, we offer you comprehensive support in this area. Our compliance team, together with our CISO (Chief Information Security Officer), is happy to assist you in making the right decisions, especially when it comes to determining the best location for storing your data. MTF holds the following certifications and compliances:
Our organisation and our products are regularly audited by independent bodies in the areas of quality management and with regard to security, data protection and compliance guidelines. This gives you the security you need to know that we are a fully certified and compliant partner for all compliance requirements. The details of the certifications and conformities are listed below:
ISO 9001:2015 "Quality Management Systems" is the central standard of the ISO 9000 ff. series of standards and contains standards for the quality management system towards our customers.
The ISO/IEC 27000 series of standards helps organizations protect information assets. ISO/IEC 27001 sets out the requirements for an information security management system (ISMS). In addition, this standard provides a set of best practices as well as details on security controls for managing information risks.
ISO/IEC 27017:2015 (International Electrotechnical Commission, IEC) provides guidelines for information security controls that apply to the provision and use of cloud services.
ISO/IEC 27017:2015 (International Electrotechnical Commission, IEC) provides guidelines for information security controls that apply to the provision and use of cloud services.
Compliance with the GDPR is a top priority for MTF and our customers. The aim of the GDPR is to strengthen the protection of personal data in Europe. For all of us, this affects the way we do business. MTF takes a strictly customer-centric approach to protection, control and compliance. We want to help you implement the GDPR in the best possible way.
The U.S. Health Insurance Portability and Accountability Act (HIPAA) of 1996 establishes privacy and security requirements for organizations responsible for maintaining the confidentiality of individuals' protected health information (PHI). These organizations meet the definition of "covered entities" or "business associates" under HIPAA.
The Payment Card Industry Security Standards Committee (PCI Security Standards Council) is a global forum dedicated to the continuous development, improvement, storage, dissemination and implementation of security standards for the protection of account data.
The National Institute of Standards and Technology (NIST) has developed Federal Information Processing Standard (FIPS) Publication 140-2 as a security standard. This lists requirements for encryption modules, including hardware, software and firmware, for U.S. federal agencies. FIPS 140-2 certification was established to protect digitally stored, unclassified, but still confidential information.
The Swiss Federal Law on Data Protection: SR 235.1 regulates the protection of the privacy of individuals and companies. MTF is a Swiss company which is fully subject to Swiss data protection law. We are already working on a template for the upcoming new DSGVO affiliated data protection of Switzerland.
For us at MTF, data protection is not only a legal obligation, but also a fundamental commitment to our customers. We also attach great importance to adhering to compliance requirements and governance standards. We understand the importance of sensitive data and do everything we can to protect your information and fulfil all necessary requirements.
Our dedicated team is always available to answer your questions and support you in all aspects of data protection, compliance and governance. Let's work together to ensure that your data is in the best hands.
