<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=286651792909821&amp;ev=PageView&amp;noscript=1">

Compliance Strategy

One Inc maintains compliance with various frameworks, and ongoing third-party audits are performed to attest to the state of the platform’s control environments. Below you will find an overview of One Inc’s payment data security compliance along with what they mean for insurance companies.

Standards and Regulations Compliance

icon_pci-compliance

PCI DSS

Insurers must balance creating a frictionless payment experience without sacrificing security. Payment Card Industry Data Security Standard (PCI DSS) applies to all companies that accept, process, store, or transmit credit card information.

As a fully compliant PCI DSS Level 1 Service Provider, One Inc reduces your risk exposure, simplifies your network security and compliance practices.

AICPA SOC Logo

SOC 1 and SOC 2

SOC  (System and Organization Controls) reports, developed by the American Institute of Certified Public Accountants (AICPA), is a set of standards that provides assurance of the effectiveness of controls at an organization.

SOC 1 is an examination of controls that are likely to be relevant to insurers’ internal control over financial reporting, focusing on completeness, accuracy, and data integrity of the data in financial reporting.

One Inc's Digital Payments Platform is compliant with the SOC 1 Type 2 framework, meeting the needs of entities that use One Inc and the CPAs that audit their financial statements. Essentially, the SOC 1 Type 2 audit evaluates the effect of One Inc’s controls of our payment processing which support your financial statements.

SOC 2 covers vendor control assurance related to security, availability, processing, integrity, confidentiality and privacy. With the extent of sensitive data insurance companies need to protect, their vendors must have the right oversight across their organizations.

One Inc's Digital Payments Platform is compliant with the SOC 2 framework, demonstrating effectiveness of controls and ability to meet security, availability and confidentiality standards over a sustained period.

Nacha Certified Logo

Nacha

One Inc is a Nacha-certified Third Party Sender and is fully compliant with National Automated Clearing House Association (Nacha) rules and regulations.

Nacha  establishes operating rules for the ACH Network, governing electronic EFT payments. Insurers that accept premium payments and/or pay claims via ACH must ensure they and their vendors are Nacha compliant.

icon_technology-gear-1

Digital Accessibility

At One Inc, we are committed to accessibility, diversity, and inclusion. As part of that commitment, we are making efforts to ensure that One Inc’s digital properties are accessible to all individuals, regardless of ability.

One Inc Digital Accessibility Statement

Learn more about how One Inc can help your company with security compliance.

Get in Touch