International SOS
Customer Personal Data Privacy Statement



International SOS is committed to protecting the privacy of our customers’ personal data and we encourage you to read this privacy statement.

This statement describes:

• the personal data that we collect;
• how we collect data and why;
• how data will be used, and to whom we may disclose or transfer data and why;
• how data can be corrected or deleted;
• the measures that we take to protect data; and
• the process and contact information that customers can use to raise enquiries, concerns and complaints.

1. Commitment to Personal Data Protection

International SOS is committed to safeguarding our customers’ personal data by adherence to the following obligations:

• the International SOS Data Protection Policy, the Information Security Policy and the related policies;
• the United States Government’s Safe Harbour Principles;
• the Binding Corporate Rules sanctioned by the European Community’s data protection authorities;
• the relevant local data protection laws and regulations; and
• the contractual commitments to our customers.

The Data Protection Policy, the related policies and the United States Safe Harbour Principles can be accessed through the following link. The Binding Corporate Rules will be made available once they have been approved by the data protection authorities in the European Community.

2. To Whom this Statement Applies

This statement applies to the services and products offered by International SOS and binds all our employees. International SOS also expects our service providers to have introduced data protection principles and technical and organisational measures that are substantially similar to the ones International SOS has adopted in respect of similar personal data. This statement refers to personal data from our individual customers, the employees of our customers and their families, or the individual customers of our customers, such as a beneficiary under an insurance policy or a beneficiary under credit card or other financial services; in this statement, we refer to this group of individuals as “you”.

3. What Information is Collected and How is it Collected?

International SOS collects personal data about you when you purchase, use or benefit from International SOS’s services or products or when this data is given to International SOS by third parties, such as companies employing you or your relatives, insurance companies, private medical insurers, assistance companies, financial institutions, medical service providers, travel agencies and similar companies, that are permitted to share this personal data.

“Personal data” includes information that will allow someone to identify or contact you, including, for example, your full name, address, telephone number (professional and home) or email address, gender, date of birth, nationality, family status (dependent), industry sector information related to professional activity, status (expatriate or traveller) and destinations.

Personal data does not include aggregated data or data that, by itself, does not permit the identification of individual persons, such as statistics on the number of expatriates and travellers that are eligible in a member company to receive assistance services or the number of people visiting the International SOS website each month.

You provide certain personal data to International SOS when you: (a) call our alarm centres or clinics, visit our clinics, visit our facilities at remote sites providing services under a medical services contract, seek a consultation with our medical professionals, or travel with our medical escorts; (b) contact us as part of a health assessment; (c) contact us to receive medical consultancy and patient support services; (d) contact us to receive security consultancy and security services; (e) order services and products from International SOS websites; (f) submit forms through the Customer Care Centre; (g) send other data to us through the "Tell us what you think" interface or through our Travel Care website; (h) attend our medical and security training courses; (i) seek assistance with your insurance claims; or (j) make enquiries, requests or complaints.

When you choose to pay for International SOS services or products by credit card directly from the International SOS website, you will be required to provide International SOS with the name of your credit card issuer, credit card number, expiration date and other security information. When you choose to pay for International SOS services or products by other means, we may ask you for your credit card details, contact details and bank account details.

You also provide information to us when you choose to email data about our website from the "email a friend" section. If you choose to use our referral service to tell a friend about the International SOS site, International SOS will ask you for your and your friend's email address. International SOS will automatically send your friend a one-time email inviting him or her to visit the site and tracking the success of our referral program. International SOS does not store this information and processes it once for the sole purpose of sending this single email. It will not be collected or used by International SOS for any marketing purposes.

You may also provide information as part of other marketing and sales initiatives.

International SOS will only gather data that is relevant for the purposes for which it will be used and will not gather excessive or unnecessary data.

International SOS shall take reasonable steps to ensure that data is reliable, accurate, complete, and current, bearing in mind its intended use. You have a responsibility to keep the data you provide to us updated and we will take reasonable steps to facilitate this. 

4. Acceptance and Links to other Websites

This International SOS website may contain links to other websites, which are provided solely as a convenience to you and not as an endorsement by International SOS of the contents of other web sites. The other web sites may have their own policies, which International SOS does not control, and thus are not addressed or controlled by this statement or the International SOS Data Protection Policy.

5. Cookies

A cookie is a piece of data stored on your hard drive containing information about you. International SOS uses cookies in order to identify a user session, but usage of a cookie is in no way linked to any personally identifiable information while on the International SOS website. Most browsers are initially set up to accept cookies. Though most cookies expire after a certain period of time, you can choose to delete a cookie file at any time. You can do so by resetting your browser to refuse all cookies or to indicate when a cookie is sent. However, some International SOS features or services may not function properly without cookies. Some of our service providers (e.g. International SOS’s service providers monitoring our satisfaction survey) use cookies on the International SOS site. International SOS has no access to or control over these cookies. This privacy statement covers the use of cookies by the International SOS site only and does not cover the use of cookies by anyone else.

6. How the Personal Data will be used

International SOS will use your personal data to provide you with services and products that: (a) you purchase; (b) are purchased by your employer or your relative’s employer; (c) are purchased by an association or institution (including an educational establishment) of which you are a member; (d) are part of services provided through an insurance program or as part of financial services that are provided to you.

Many of these services and products are designed to provide tools for risk management by providing medical and security assistance.

International SOS may collect or you may provide to International SOS, medical data to provide medical assistance, managing medical and health assessment reports, create an emergency medical record, data about your travel plans to enable International SOS to provide you with security assistance and travel information and support. We may also gather data to: provide other security assistance and security services; manage your insurance claims; manage patient support services; manage clinics and pharmacy services; manage medical and security training programmes; and manage other medical and security consulting services; provide products; issue invoices and collect fees and charges; monitor, improve and control quality; provide training for our employees and service providers; and create and provide reports; and to enable us to manage and execute our marketing and sales initiatives.

Your personal data may be transferred to companies within the International SOS group or to service providers that are performing services for International SOS or acting as International SOS’s agents. International SOS will require that any such service providers agree to keep your personal data secure and confidential, use it only for the purposes for which the personal data is transferred and use it only in accordance with International SOS’s directions. 

With your consent, in compliance with relevant personal data protection and privacy laws, and for similar purposes as those outlined above, your personal data may also be transferred to the party that purchased the International SOS services or products: your employer or your relative’s employer; the insurance company or private medical insurer; the credit card company or other financial institution; the association or other institution; or the pharmaceutical company.

Your personal data may be transferred to Government authorities, agencies and institutions as required or permitted by applicable laws and regulations.

International SOS shall not collect, use, disclose or transfer your personal data except as described in this Statement unless you give us your permission to collect, use, disclose or transfer it for other purposes.

7. Data Protection for Children

International SOS does not knowingly collect any information on persons who have not attained the age of 18 years through the online services and the International SOS website.

8. What Choices are Available to Users Regarding Collection, Use, Storage, Disclosure or Transfer of the Personal Data?

You are given the opportunity to choose or 'opt-in' to have sensitive personal data (such as medical data) collected, used, stored, disclosed or transferred for purposes of providing services and products at the point where we ask you for the sensitive personal data. The collection of personal data through our online service for the emergency medical records will include an 'opt-in' mechanism for you to give us your consent to use and disclose your personal medical data to enable us to provide you with medical care and related services. We may, by way of example, transfer your medical data to other companies in the International SOS group, service providers that provide medical services, travel services or to local clinics or physicians who we arrange to treat you or provide you with a health assessment. We may also transfer personal data to local authorities if necessary or desirable to assist in arranging emergency medical care for you.

You may also 'opt-out' of receiving our services and products.

You may opt-out of email alerts for instance by replying to the email or clicking the "unsubscribe" link.

We may collect your personal medical data from you or from other sources with your permission. We may disclose that data to other companies in the International SOS group of companies and to service providers that provide security, travel and medical services, in order to manage the services and products that we provide.

You will also be given the choice to prohibit International SOS from disclosing your personal data to a third party or for purposes other than to provide services and products.

If you are receiving services as an employee or as a member of an employee’s family, or as a member of an association or institution, as a credit card holder or the recipient of other financial services, the company, association or institution that has contracted for our services and products on your behalf will determine the method and means by which you can opt-out and opt-in.

Note that if you choose to ‘opt-out’, withhold, block or request that we delete your personal data, you may not be able to receive the benefit of International SOS’s services and products.  

9. How Can Users Correct Inaccuracies in their Personal Data?

You can review the personal data that International SOS has collected from you by contacting our: alarm centre; clinic; medical service facility; or sales person; or by using your password to access your records through our website.

In order to update, delete, amend or block any personal information that we create and that we are able to change, contact us using the following e-mail address: [privacy@internationalsos.com] or through the contact link on our website. Should you need our assistance to access or make changes to your personal information, please submit your request to us. Corrections or deletions of data resulting solely from errors by International SOS or our service providers shall be paid for by International SOS. 

If you do not wish to contact International SOS through our website, you may contact our Data Protection Administrators who are also our Country General Managers, responsible for the country in which you are residing or receiving products or services. The contact details of the Data Protection Administrators are attached to this statement.

In making your request to review, update, amend or block data, you will be required to provide International SOS with details of the data requested and the reasons why the data needs correction. International SOS will ask for proof of your identity. International SOS may ask you to assist in verifying the accuracy of the updates and the amendments to the personal data.

International SOS may ask you to cover the reasonable cost of accessing and providing copies of your personal data if this is not provided through the International SOS website. 
 
International SOS will strive to address your request as soon as practicable and no later than thirty (30) calendar days from the date your request is received and understood.

If International SOS is asked to destroy the personal data, International SOS shall use means that prevents its recreation and International SOS shall take reasonable care to ensure that there is no unauthorised disclosure during the destruction of the data. 

10. What Kind of Security Procedures are Used to Protect the Loss, Misuse, or Alteration of Your Personal Data under International SOS’s Control?

International SOS takes precautions to protect its users' information.

International SOS has implemented policies that forbid its employees from using or disclosing personal data in an inappropriate or unlawful manner and maintains security measures to safeguard the personal data that it maintains from unauthorized access, misuse, alteration, loss or destruction.

Information Collected by Electronic Means

When you provide personal data through the online forms and other electronic methods offered by International SOS, the data is protected using industry-standard SSL encryption. SSL is an acronym for “Secure Sockets Layer” and is a protocol for transmitting private documents via the Internet. SSL works by using a private key to encrypt data that's transferred over the SSL connection.

International SOS has also contracted a special agreement with VeriSign, an independent third party, in order to provide its customers with a secure way to collect information. This assures International SOS's customers that:

• the International SOS site has a VeriSign Secure Server ID;
• VeriSign has verified the organizational name and that International SOS has the proof of right to use it; and
• all information sent to this site, if in an SSL session, is encrypted and protected against unauthorised disclosure to third parties.

The Information Security Policy and the Information Security Procedures and Processes

All International SOS employees are required to follow the Information Security Policy. The policy is implemented through the Information Security procedures and processes. These are periodically reviewed and updated, as the information security landscape is in a constant state of flux. The policy, processes and procedures are being implemented and are based on the principles set out in the ISO 17799 Code of Practice for Information Security Management.

All new employees are required to sign a written confirmation that they have read and understood the Information Security Policy and a confidentiality agreement. All employees also have confidentiality obligations in their contracts of employment with International SOS.

Security of Premises and Other Physical Security Measures

Physical access to all International SOS offices, alarm centres, clinics, medical services sites and other facilities is security controlled, using locks that are opened by keys and by security cards, with security card readers that record the identity of employees and visitors entering or leaving the facilities. Registers of visitors are kept and sign-in sheets are used in locations that require additional security. All employees are given unique photo ID badges which they are required to wear and clearly display at all times in International SOS facilities.

Information systems containing sensitive information and communications equipment are placed in secure areas and protected by additional physical security measures that permit access only to the employees who need access, operational processes, environmental controls and fire detection and suppression systems to safeguard against accidental loss, theft or unauthorized removal, misuse, damage or unauthorized access.

Laptops are required to be secured with cables and combination locks.

All internal/external (physical) mail is deposited and held in a separate secure location and processed daily by the Administration (Office Management) Department. These staff also sort all incoming mail and notify departments/individuals of mail received for personal pick-up.

Disaster Recovery

Disaster recovery and business continuity plans and resources are in place in alarm centres, clinics, medical service sites, key administrative offices and other facilities to protect against disruptions. Most plans are tested twice a year to ensure that they remain robust and relevant to operational and business changes and changes in the external environment.

Essential business information and software in alarm centres, including voice recordings, is backed up daily, stored offsite and protected in other locations using this and other security processes. Various redundancy elements are built into critical servers to ensure data integrity in the event of a failure. All servers have hardware redundancy built into them to minimise failure of critical servers and have an uninterruptible power supply (UPS) to ensure that data integrity is unaffected by a power outage.

Disaster recovery sites are set up in global and regional hubs such as Philadelphia, Singapore and Sydney for better recovery time objectives (RTO) and recovery point objectives (RPO), which are key network recovery indicators.

There are processes and procedures in place to access backup tapes, including voice recordings, to ensure that they are only released with proper authorization and documentation and that they are tracked, returned and accounted for.

Security against unauthorised electronic access and viruses

All gateways to the internet are protected by a firewall, and access to both internal and external networks is restricted and controlled.

IDS/IPS will be deployed at key sites.

All servers are hardened based on security hardening standards to protect against network threats.

Endpoint security is constantly being reviewed to protect the network against unauthorized access, data loss or destruction.

Access to computer services and information is on a need-to-know basis and is restricted and controlled based on business requirements, to reduce the risks associated with misuse, such as alteration, destruction and unauthorised dissemination of data.

Access to information services is through a secure login process with a unique identifier. This unique ID is for the user’s sole use and not shared. International SOS has a password policy that provides for best practices to be used. In addition, a password filter program ensures that weak passwords and commonly used passwords that may meet our password policy are blacklisted and blocked.
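The password filter described above has to do two separate things: enforce the complexity policy, and then reject common passwords that satisfy the policy anyway (for instance a dictionary word dressed up with a capital letter, a year and an exclamation mark). The following is an added illustration, not International SOS's own filter or policy; the policy thresholds, the leetspeak substitutions and the blacklist contents are assumptions chosen for the example. It normalises a candidate password (case, trailing digits and punctuation, common character substitutions) before the blacklist lookup, so that variants of a blocked word are caught rather than only the exact string.

```python
"""Added example (not International SOS code): a password filter that first
checks a complexity policy and then rejects blacklisted or commonly used
passwords even when they satisfy the policy.  Thresholds, substitutions and
the blacklist are illustrative assumptions."""
import re

# Assumed policy: at least 12 characters drawn from at least three of the
# four character classes below.
MIN_LENGTH = 12
CHARACTER_CLASSES = [
    re.compile(r"[a-z]"),
    re.compile(r"[A-Z]"),
    re.compile(r"\d"),
    re.compile(r"[^A-Za-z0-9]"),
]

# Constructed blacklist of stems that routinely appear in breached-password
# lists.  Stored in normalised (lower-case, no suffix) form.
BLACKLIST = {"password", "welcome", "qwerty", "letmein", "iloveyou", "admin"}

# Common substitutions undone before lookup, so "P@ssw0rd" maps to "password".
_LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i",
                       "0": "o", "$": "s", "5": "s", "7": "t"})

# Trailing digits and punctuation ("2024", "123!", "!!") are stripped before
# lookup because they are the usual way a blocked word is made to pass policy.
_SUFFIX = re.compile(r"[\d\W_]+$")


def normalize(password: str) -> str:
    """Return the comparison form: case-folded, suffix stripped, leet undone."""
    stem = _SUFFIX.sub("", password.casefold())
    return stem.translate(_LEET)


def meets_policy(password: str) -> bool:
    """Complexity policy: minimum length plus three of four character classes."""
    if len(password) < MIN_LENGTH:
        return False
    classes_present = sum(1 for cls in CHARACTER_CLASSES if cls.search(password))
    return classes_present >= 3


def is_blacklisted(password: str, blacklist=BLACKLIST) -> bool:
    """True when the normalised password is a blocked stem."""
    return normalize(password) in blacklist


def check_password(password: str):
    """Return (accepted, reason); reason is 'policy', 'blacklisted' or 'ok'."""
    if not meets_policy(password):
        return False, "policy"
    if is_blacklisted(password):
        return False, "blacklisted"
    return True, "ok"


if __name__ == "__main__":
    # Constructed candidates: two that pass policy but are blacklisted,
    # one that fails policy, and one that is accepted.
    for candidate in ["P@ssw0rd2024!", "Welcome123!!",
                      "Tr0ub4dor&3", "correct-horse-Battery-9"]:
        accepted, reason = check_password(candidate)
        print(f"{candidate!r:28} accepted={accepted} ({reason})")
```

The important case is the first candidate: it has upper- and lower-case letters, digits, a symbol and thirteen characters, so a policy-only check would accept it, yet after normalisation it is simply "password". A production filter would additionally compare against a large breached-password corpus rather than a handful of stems, but the ordering (policy first, then normalised blacklist lookup) is the same.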

User access to our main case management system and essential network services are controlled using a user rights management system that utilises employees’ roles in assigning user access rights, especially to the case management system.

All remote access is given on a need basis and is via a two-factor authentication mechanism.

All laptops have whole-disk encryption using FIPS 140-2 level 1 and 2 certified full disk encryption software. The software is configured with the system lock-out feature enabled after a certain number of incorrect password entries.

BlackBerry and Windows Mobile devices have password policy controls and remote device hardware reset features enabled to protect against lost or stolen devices.

All changes to production systems and network follow a change management process flow to ensure that changes are owner authorized, assessed for risk and operational impacts, before being approved by the change management board.

Application changes follow a stringent change and release control process including user testing and acceptance and quality acceptance before implementing in production.

The security of information assets, including those entrusted to International SOS by third parties, is audited and reviewed for compliance against company policies and legal requirements. The information security team conducts regular site-level information security audits.

Critical servers are scanned using network and system vulnerability scanners. Web applications are also scanned by automated penetration testing tools for application-level security vulnerabilities that could be exploited.

External vulnerability scanning on our internet facing sites is performed monthly to ensure that these sites are secure. These are done via in-house vulnerability scanning tools and third party services.

Penetration tests are also performed on our key internet applications prior to production or major upgrades.

International SOS engages external consultants to conduct security reviews of our environment. These reviews help us to understand the security gaps and ensure that our infrastructure and applications are able to meet and mitigate new network and Internet security threats and risks.

Application code level security reviews are done for our key applications.

Case Management Security

The case management and billing applications use a framework that manages the application configurations such as: database connections, caching, exception handling and error logging and they have encryption facilities. Database connection passwords are encrypted and all the security related failures are logged in the Windows Event Log.

User authentication is provided by the authentication mechanism integrated with our Active Directory services. Access to the functionalities within the system is handled by using an Authorization and Profile Application block which is used to customize the behaviour of an application for individual users.

User access rights are not managed on a per-person basis. Instead, security access is performed over security groups to allow the greater ease of maintenance. Functional roles are used to represent security groups. This allows the control of user access on a per-group basis.

The applications use role-based database access. All the data updates are done through Stored Procedures or Triggers and these can be accessed only by the database roles. None of the database objects like Tables can be accessed directly by any other user.

11. How do I Resolve Disputes with International SOS Relating to Personal Data?

If you are unsatisfied with the manner in which your question or concern was addressed, in respect of our online services, you may contact the International SOS On-line's Data Privacy officer at privacy@internationalsos.com.

International SOS Online is a licensee of the TRUSTe Privacy Program. TRUSTe is an independent, non-profit organization whose mission is to build users' trust and confidence in the internet by promoting the use of fair information practices. If you do not receive acknowledgment of your inquiry or your inquiry has not been satisfactorily addressed, you should contact TRUSTe at:

http://www.truste.org/consumers/watchdog_complaint.php.

TRUSTe will serve as a liaison with Intl.SOS to resolve your concerns.

If you do not wish to make a complaint through our online services, you may direct all enquiries, concerns or complaints regarding the collection, use, storage, correction, deletion, blocking, disclosure or transfer of personal data to the Data Protection Administrator who is also the International SOS Country General Manager, in the country in which you reside or are receiving services using the contact details attached to this statement.

If you do not receive a satisfactory response from the Data Protection Administrator you may contact the International SOS Chief Data Protection Officer, who is also the General Counsel of International SOS using the contact details attached to this statement.  

The Chief Data Protection Officer has overall responsibility at International SOS for protecting

 

International SOS will investigate all concerns and complaints and will address them expeditiously. An acknowledgement of the identity of the employee addressing the complaint and the approximate length of time that will be taken to review the complaint will be provided no later than five (5) business days from the date the complaint is received and understood. Regular updates shall be given to you on the progress of the review if the review is likely to take longer than seven (7) business days.

You have the right, at any time, to raise your issues with a data protection authority or to take your case to a court.

If you receive services from International SOS through an employer or through a relative’s employer or through an association or institution, or an insurance or financial services program, and your personal information has been improperly collected, used, stored, disclosed, amended, destroyed, blocked or transferred as a result of the actions or inactions of the employer, association or institution, insurance company or financial services company, then you will be directed by International SOS to such employer, association or institution, insurance company or financial services company. International SOS will not be liable for resolving disputes between you and such companies, associations or institutions.

12. Changes to this Statement

International SOS reserves the right to change this policy at any time by notifying users through its website of the existence of a new privacy statement. This statement and the policies outlined herein are not intended to and do not create any contractual or other legal rights.

Last update: 6th March 2009

Last update did not include any changes in International SOS' practices with respect to personal data processing