HotSchedules Standards Regarding Data Privacy & Security
In an effort to demonstrate Red Book Connect (dba HotSchedules) standards with respect to customers’ data, we have produced this web page to help answer questions about our data privacy and security policies.
HotSchedules endeavors to protect our customers’ data and subscribers’ personal information. We take a comprehensive approach through integration of controls across security and privacy both in operations and business processes. Our commitment to data privacy and security includes implementation of reasonable physical, administrative and technical safeguards designed to protect data from unauthorized access, use and disclosure.
Our integrated data privacy and information security strategy is designed to ensure our customers’ data is secure and confidential.
- Data protection and limited use
- Information we collect
- Information we share
Data used within the HotSchedules service offerings is collected in various ways, including through registration into the service, data customers and subscribers provide to us and data collected in the service delivery process from customers and subscribers using the product.
We generally do not seek to collect sensitive data types including, but not limited to credit card information, health related information or social security numbers, as these data types are not required in the operation of our services.
We may use information derived from the data that we collect from all of our services to provide, maintain, protect, and improve our services as well as develop new services and features. All data utilized in this process goes through a de-identification process to ensure no attributes linking it to a specific person or customer remain.
We use multiple virtual machines that allow us to scale the web tier horizontally.
Privacy Laws and Regulations
When appropriate, we will establish new processes and enhance current processes to meet the compliance requirements with new privacy and security initiatives.
We approach security in multiple ways that include written policies and standards, employment practices, product development processes, operational and business processes as well as technology. We work to align our information security strategy with our product roadmap and service offerings.
HotSchedules security program includes a comprehensive controls framework designed to provide oversight and control structure in a defense-in-depth program. This program includes but is not limited to security controls and operational and business processes within the following areas:
- Physical and logical security
- Risk management
- Access and identity management
- Information protection & classification
- Vulnerability management
- Incident response
- Configuration and change management
- Security education