DRC understands the importance of keeping our clients’ data—including Personally Identifiable Information (PII)—secure. We develop and administer numerous research programs that contain highly sensitive and confidential information, including health histories, mental health issues, and sexual assault. To protect the data, effective security policies and procedures are integrated into every aspect of our survey programs.
DRC offers our clients stringent data security and confidentiality measures. We enforce strict security measures to prohibit unauthorized personnel from gaining access to client materials and data, including PII, through either deliberate or unintentional action. With over 30 years of experience managing confidential databases for research projects, we have fine-tuned our security systems, disaster-recovery processes, and confidentiality procedures to be the best in the industry. These measures address the full range of security, including physical building access, employee confidentiality and behavior, and the safeguarding of client information, documents, and products.
For our work with the U.S. Department of Defense, DRC’s Survey Services’ systems are compliant with the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), and we manage our Information Systems under the NIST RMF policies and procedures. NIST RMF compliance encompasses a stringent set of security requirements in order to process and store Defense data. DRC is one of only a few full-service survey research firms with this high level of certification. In addition, DRC survey information systems have been reviewed for compliance with the Health Insurance Portability and Accountability Act (HIPAA).