Regulatory Compliance

Our products are developed to be innately compliant with critical attention which allows your associates to focus on revenue recovery as opposed to monitoring industry regulations. Among the regulations that are baked into our products are compliance with the following: Health Information Portability and Accountability Act (HIPAA), Gramm Leach Bliley Act (GLB), Fair Debt Collection Practices Act (FDCPA), Federal Information Security Management Act (FISMA), Fair Credit Reporting Act (FCRA), Sarbanes Oxley (SOX), Fair and Accurate Credit Transaction Act (FACTA) and the FTC Red Flags Rules.
 

In addition, our internal design and development efforts are undergoing independent accreditation to continuously review our products to ensure we are meeting critical industry standards, through enablement, configuration, and specific coding,   including standards related to the Payment Card Industry Data Security Standard (PCI-DSS) and the Payment Application Data Security Standard (PA-DSS).

At Ontario Systems, we are operating our business with industry leading best practices in quality and security. Accordingly, we focus as a team on achieving independently verified certifications that demonstrate our commitment to this goal. Among the certifications currently attained are SSAE 16 Type II Certification, ISO 9001:2008 Quality Management Certification, ISO 27001:2005 Information Security Management System Certification and CMMI Maturity Level II Software Development Rating.

Ontario Systems Achieves SAS70 Level II Compliance

Reinforcing our reputation as a trusted advisor and valued partner to our clients, Ontario Systems continually completed SAS70 Level II certification audits at regular intervals since 2006. In 2011 the company transitioned to the new standard, SSAE 16, and completed an extensive audit conducted by a highly qualified external examiner.  Qualified external examiners have continually affirmed the company’s implementation of effective business controls aimed at achieving low risk and high integrity business practices.  In addition to the highly successful control activities certification, Ontario Systems was cited as achieving the “gold standard” among our constituents for our excellent preparation for this audit.

For more information on SAS70 Compliance, please click here.

Ontario Systems Achieves ISO 9001:2008 Certification

ISO 9001:2008 is an internationally accepted standard that outlines commonly accepted best practices for an enterprise wide quality management system. In achieving ISO 9001:2008 certification Ontario Systems reinforced its reputation as the leading provider of software related products and services designed for accounts receivables industries through recognition as having world class best practices in areas of software development, human resource practices, compliance, security, customer service, supply chain management and sales and marketing processes. The company has completed annual surveillance audits each year to affirm that the quality management system is operating in accordance with the standard. 
 
Furthering our reputation as a high quality solutions and services provider, Ontario Systems completed the ISO 9001 full certification audit and has maintained certification since December 2010.

For more information on ISO 9001 Certification, please click here.

Ontario Systems Achieves ISO 27001:2005 Certification

ISO 27001:2005 is an internationally accepted standard that provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System. ISO 27001:2005 compliance recognizes companies that have implemented documentation and records management to ensure confidentiality, integrity and availability of information assets.  The certification recognizes that Ontario Systems’ offerings are compliant with international and local security best practices.
 
With global acceptance and adoption in over 150 countries, the ISO standard is designed to ensure high security standards to protect information assets and meet regulatory requirements.  The certification is a key differentiator in Ontario Systems’ accounts receivable and revenue cycle management offerings as the company works with numerous clients in heavily regulated industries.
Furthering our reputation as a high quality solutions and services provider, Ontario Systems completed the ISO 27001 full certification audit and has maintained certification since July 2010.

For more information on ISO Certification, please click here.

Ontario Systems Product Development rate CMMI Maturity Level 2

CMMI is a software development process improvement approach which has become the standard for measuring an organization's capability to apply a process based methodology to software development. This approach integrates the entire spectrum of software development including software engineering, testing, and project management. CMMI helps integrate traditionally separate organizational functions, set process improvement goals and priorities, provide guidance for quality processes, and provide a point of reference. Ontario Systems completed the implementation of the process and methodology for its product development work in accordance with the practices in the CMMI model and was awarded a CMMI Maturity Level 2 rating in 2010 following an extensive appraisal conducted in compliance with the standard appraisal method of the Software Engineering Institute (SEI).  In addition the company’s Organizational Learning and Development department was awarded a capability level 3 rating.

For more information on CMMI Certification, please click here.