Security and Compliance
Information Security is important to Touch and Touch is committed to complying with security standards and guidelines. Touch endeavors to be a secure organisation to protect itself, its partners and its customers. Touch invests in processes, people and technologies to develop an internal and external security culture for its products and services. Touch works with third party security organisations, service providers and product suppliers to meet the ever changing Information Security landscape.
The Touch Security and Compliance Committee ensures that all aspects of Security and Compliance are documented, implemented and independently assessed and audited as required. Touch operates robust System Platforms to deliver value and solutions to our customers while minimising risk.
Touch maintains the following external certifications:
Touch is a Level 1 accredited PCI DSS (Payment Card Industry Data Security Standard) organisation. Accreditation is achieved on a yearly basis through the
PCI DSS Council and is managed by an independent PCI Council approved auditor. PCI DSS accreditation aim to achieve protection of cardholder data which may be stored, processed or transacted through Touch’s systems. PCI DSS has an impact on the personal data that incorporates Cardholder Data which may be stored, processed or transacted through Touch’s systems platforms. Touch maintains PCI DSS to ensure a disciplined approach to security in the delivery of Touch products and services and helping our partners and customers achieve their own PCI DSS needs.
Touch is an accredited Medicare Australia IRAP (Information Security Registered Assessor Program) compliant organisation. Accreditation is achieved every two years under the accreditation program through the Department of Human Services (Australian Federal Government department) and is audited by an independent IRAPS approved auditor. Touch maintains compliance to deliver Medicare
e-Claiming in partnership with Australian banks and other valued customers. This program complies with the Information Security Manual requirements as developed by the Australian Signals Directorate (ASD). Touch work with Australian Banks and other valued customers to deliver Medicare e-Claiming through Touch System Platform and partner technologies.