At Motus, we understand the gravity of our responsibility to safeguard your data. That’s why we invest so heavily in data security and privacy. Our Legal, Compliance and IT & Security functions work together to continually enhance our practices. Here are some of the key investments we’ve undertaken to fortify our security infrastructure and protect your data:
In addition to my role as SVP Legal, I now serve as Motus’s Data Protection Officer. As DPO, I oversee how Motus processes personal information and complies with data protection regulations. Appointing an executive to this function allows Motus’s data privacy program to operate with authority and access resources in a manner commensurate with our commitment to be best-in-class.
At Motus, we work tirelessly to identify potential vulnerabilities before bad actors can exploit them. In addition to regular penetration testing (cyber-security attempts to find vulnerabilities in our systems), Motus submits its system security to regular, third-party audits.
Motus commits significant resources to performing annual SOC 2 Type II audits. SOC 2 (System and Organization Controls 2) is an auditing procedure developed by the American Institute of CPAs (AICPA) to ensure an unbiased and comprehensive evaluation of our security posture. This enables our security team to promptly address any vulnerability, and we integrate the learnings into our ongoing security strategy.
This process is lengthy and resource-intensive, and yet Motus submits to it voluntarily. So while it is not required by any regulatory agency, Motus is dedicated to giving our customers the value that comes from selecting a partner who dedicates resources to doing what’s best—and not simply what’s required.
Motus has invested in ensuring we have certified experts in the field of data privacy. While all of our in-house counsel are trained in data privacy, a couple of us have obtained, or are in the process of obtaining, the credential for Certified Information Privacy Professionals (CIPP) from the International Association of Privacy Professionals (IAPP). Another significant investment on the part of Motus, our counsel have enrolled in training programs, submitted to examination, and carry continuing education obligations to maintain the status. This is another investment that no governing body requires, but simply amplifies our commitment to being best-in-class.