Quadient Digital Trust Center

Disclaimer

This page is relevant to Quadient Digital (previously ICA) solution line from the product compliance perspective. Other parts of Quadient, like Mail (previously MRS) or Lockers (previously PLS) might adhere to different standards. Please reach out to your Account Manager if you are interested in those matters relevant to Mail, Lockers or Quadient internal IT.

Security, Privacy and Compliance Information

Our primary objective in creating this page is to provide an open and transparent overview of Quadient Digital solutions Compliance governance program. We believe in fostering a culture of clarity, where all stakeholders, including customers and partners, can readily access and understand our principles, guidelines, and practices. By sharing this information, our goal is to promote trust, accountability, and informed decision-making as we work to continuously improve our program.

Quadient emphasizes compliance with multiple certifications, frameworks, and legal requirements such as ISO27001:2013, ISO9001:2015, HITRUST, PCI-DSS, SOC2, NIST, GDPR, HIPAA, or CCPA. Compliance levels are regularly reviewed by internal auditors and independent external auditors to provide that all controls are in place, working as intended and in line with both Quadient and its customers’ expectations.

Quadient employs a dedicated team responsible for managing the Quadient Digital Compliance, which includes:

Information Security Management System (ISMS), including Risk Management, Incident Management, Business Continuity, Disaster Recovery etc.
Privacy Information Management System (PIMS)
Quality Management System (QMS)
Environmental, Social and Governance (ESG), including Environmental Management System (EMS) and Corporate Social Responsibility (CSR)
Occupational Health and Safety (OHAS)
Fire Safety (FS)

Various roles such as Security and Compliance Managers, Data Protection Officers, Cyber Security Analysts, Penetration Testers, Quality Engineers, and Environmental Managers are dedicated to manage or support above mentioned management systems. These professionals hold relevant certifications and their education is continually improved.

The links below contain more information about the comprehensive security and governance program implemented by Quadient Digital, including security awareness training for employees, acceptable use policies, access control, availability and continuity measures, asset management, backups, business continuity planning, change management, cyber insurance, disaster recovery, encryption, hardening measures, HR security practices, incident management, internal and external audits, logging, monitoring, network security, data loss prevention, password management, and more.

If you have any additional questions, you can reach out to us at privacyteam (at) quadient.com for privacy relevant questions or security (at) quadient.com for security relevant questions.

Finally, our Quadient University can provide you a wide list of topics relevant to Quadient Digital products.

Quadient Digital Solutions

The following Quadient Digital solutions are provided as SaaS for which Quadient uses Microsoft Azure (Azure) and Amazon Web Services (AWS):

Customer Experience Management (CXM)

Referring to Inspire solutions. For enterprises who wish to create exceptional customer experiences, we provide omnichannel software solutions and expertise that deliver compliant and meaningful customer interactions. This includes Inspire Evolve, Inspire Flex, Inspire Journey and Digital Boost.

Intelligent Documentation Automation (IDA)

Referring to Impress solutions. For businesses who want to streamline document production processes and departmental workflows, we provide digital solutions that help automate communications and accelerate cash flow. This includes Impress Automate, Impress Distribute and Impress Invoice.

Account Receivables (AR)

Referring to “Quadient AR, by YayPay”. Automate Accounts Receivable to simplify the collection Process and reduce DSO.

Account Payables (AP)

Referring to “Quadient AP, by Beanworks”. Approve invoices and pay vendors remotely while reducing AP costs.

Digital HUB

Initial login portal/hub allowing access to Quadient Digital solutions purchased by the customer.

Quadient iForms

Quadient Inspire iForms (formerly Daylight Automation) allows you to create intelligent forms that collect, validate, and communicate business-critical information and data seamlessly across your organization.

Applicable Certifications and Assessments

Quadient Digital solutions are subject to many certifications, assessments and legal requirements, which are regularly externally validated.

Please note, that not all below mentioned are valid for all Quadient Digital solutions. Please use link below to understand, which certification and/or assessment is valid for a specific Quadient Digital solution.

Main Security, Privacy and Compliance Areas

This chapter serves as an overview of Compliance, Security and Privacy controls implemented within Quadient Digital solutions.

These controls are regularly reviewed by internal auditors and independent external auditors to provide that all controls are in place, working as intended and in line with both Quadient and its customers’ expectations.

If you have any additional questions, you can reach out to us at privacyteam (at) quadient.com for privacy relevant questions or security (at) quadient.com for security relevant questions.

Latest Updates on Cybersecurity and Compliance

This page is intended to inform our customers and partners about the latest compliance updates for Quadient Digital.

For a full list of vulnerabilities and hot fixes, please visit our solutions Knowledge base.

Quadient Digital Trust Center

Disclaimer

Security, Privacy and Compliance Information

Quadient Digital Solutions

Applicable Certifications and Assessments

Main Security, Privacy and Compliance Areas

General Security and Compliance

Product Security

Information and Cyber Security

Data Privacy

Environmental, Social and Governance (ESG)

What Can Be Shared

Latest Updates on Cybersecurity and Compliance

Quadient Digital Trust Center

Disclaimer

Security, Privacy and Compliance Information

Quadient Digital Solutions

Applicable Certifications and Assessments

Certifications / assessments per Quadient Digital solution

Main Security, Privacy and Compliance Areas

General Security and Compliance

Compliance

Overview Committees

Policies

Team

Product Security

Datacenters

Customer Data Separation

Quadient Access to Customer Data

Sub Processors

Information and Cyber Security

Awareness

Acceptable Use

Access Control

Availability and Continuity

Asset Management

Backups

Bugbounty

Business Continuity

Change Management

Cyber Insurance

Disaster Recovery

Encryption

External Security Reports

Hardening

HR Security

Incident Management

Internal and External Audits

Logging

Monitoring

Network Security

Password Management

Physical Security

Quality Assurance

Risk Management

Secure Development

Security Bulletin / Status

Shared Responsibility

Third Party Management

Vulnerability Management

Data Privacy

Data Protection Officer

Data Breach Notification

Data Subjects Rights

Data Retention

Data Erasure

How to Contact Us

Privacy Statement

Environmental, Social and Governance (ESG)

Environmental Goals

Environmental Vision

Recycling waste

Rules of our EMS

What Can Be Shared

Reports and Records

Policies

Latest Updates on Cybersecurity and Compliance

November 5, 2024 - HITRUST interim passed

October 10, 2024 - Successful ISO 27001 surveillance audit

September 20, 2024 - Confirming Quadient commitement to Quality and Environment

June 19, 2024 - PCI-DSS v4.0 for Quadient AR

June 6, 2024 - ISO 27701 for AR successfully re-certified

April 11, 2024 - ISO 27017 and ISO 27018 for AR

February 12, 2024 - Successful privacy re-assessments

February 5, 2024 - CSA STAR listing for Quadient ICA SaaS solutions updated

September 18, 2023 - ISO 27017 and ISO 27018 re-certifications for CXM and IDA

August 11, 2023 - Successful HIPAA re-assessment for AR

June 1, 2023 - SOC2 re-assessment

May 31, 2023 - GDPR, CCPA and HIPAA for ICA HUB SaaS solution

May 30, 2023 - PCI-DSS re-certified in YayPay

May 5, 2023 - ISO 9001 and ISO 14001 re-certification

April 14, 2023 - EcoVadis platinum for Quadient Group

March 29, 2023 - CSR report for Czech Republic