Diversion Manager Addresses Compliance and GDPR

Diversion Manager is dedicated to maintaining top-tier data security and regulatory compliance. Hosted in Microsoft Azure’s South London facilities, the platform undergoes regular external evaluations and certification to ensure compliance with the General Data Protection Regulation (GDPR) and Payment Card Industry (PCI) standards. This commitment to compliance ensures robust protection of Consumer Personally Identifiable Information (PII) and cardholder information (CHI).

Comprehensive Security Measures

Diversion Manager's hosting environment and applications have been extensively evaluated and audited in several key areas:

●      Network configuration and management

●      Data encryption at rest and in transit

●      Incident response and breach notification processes

●      Logical access and physical security

●      Data retention, destruction policies, and procedures

●      Data privacy protection

A crucial aspect of our compliance commitment is ensuring that no PII or CHI data stored within the UK Azure environment can be accessed by or transferred to entities outside the EU. This ensures that data remains protected under UK and EU data protection laws.

Consent-Based Processing and Consumer Rights

Diversion Manager integrates consent-based processing within all consumer-utilised applications. Privacy and Cookie policies are prominently displayed and easily accessible to consumer users. Our systems require and track consumer verification of their agreement to these terms and their rights under GDPR UK regulations as a mandatory condition for using our applications.

Ongoing Compliance Monitoring and Auditing

All supplier policies related to GDPR and PCI compliance are accessible to relevant authorities under contract and are regularly reviewed and audited. Diversion Manager’s compliance personnel conduct frequent internal assessments, supplemented by external assessors through policy reviews, automated penetration testing, and formal compliance certifications.

The latest Data Protection Impact Assessment Report was conducted by external assessors on May 27, 2024. This report is available for review by clients under contract with AdventFS, further demonstrating our commitment to transparency and regulatory adherence.

Diversion Manager remains steadfast in maintaining the highest standards of data security and regulatory compliance. By leveraging secure cloud infrastructure, rigorous auditing, and consent-based processing, we ensure the continued protection of consumer data while upholding GDPR and PCI requirements. Our ongoing assessments and commitment to transparency provide our clients with confidence in the security and reliability of our platform.

Contact Diversion Manager

Diversion Manager supports your force with our fully functional platform configurable to accommodate Out of Court Resolution programmes with advanced workflow, communication, reporting, and integration with your case management system. Contact us today if you’d like to set a meeting to learn more about Diversion Manager or to schedule a demo.