Security & Compliance
Physical
Mid-South utilizes a time-controlled access system requiring a separate and unique passcode for each employee’s entry. Our system creates log files for each employee to show when that individual accesses and leaves the floor. Log files are stored for auditing purposes. Access to data centers and servers require a separate and additional security clearance for entry. Our facility employs 24-hour video surveillance and records both collection floor and data center operations. Motion sensors, glass breaks, smoke detectors, and door sensors are monitored by an offsite security company 24-hours a day. All physical documentation with personal information is stored and destroyed in accordance with the federal information security management act.
Network
Our onsite data center incorporates the use of identical, mirrored offsite servers that continuously back up our host center. In the event of a host server failure, offsite servers will have our office online within 1 hour. All servers are protected by 2 independent firewalls from outside our network as well as internal network security protocols. Both data centers are protected by dual UPS battery backups. Mid-South has a comprehensive recovery plan that includes the use of our secondary office in the event of a major disaster.
Compliance
With consumers having readily accessible information at their fingertips, it’s easier for them to educate themselves on their rights. All phone agent undergo extensive FDCPA, HIPAA, FCRA, TCPA, GLBA, SCRA, and 501(r) training prior to certification testing. Our goal is to mitigate risk through the extensive training and education of our employees.
Insured
Mid-South carries required errors & omissions coverage for the protection of itself and its clients.
FDCPA
Mid-South continuously trains all employees on the rules and regulations contained in the Fair Debt Collection Practices Act. All employees are required to have a thorough knowledge of these laws and their real world applicability.
GLBA
The Gramm-Leach-Bliley Act (GLBA) and its implementing regulation, Regulation P, impose limitations on when financial institutions can share nonpublic personal information with third parties. Mid-South complies with the storage and segregation of data within its servers in regard to the rules and regulations set forth in the GLBA.
FCRA
The Fair Credit Reporting Act is the U.S. Federal Government legislation enacted to promote the accuracy, fairness, and privacy of consumer information contained in the files of consumer reporting agencies. Mid-South regularly audits its entire database to ensure correct reporting and accounting to the credit bureaus with whom we report.
501 (r)
New ACA regulations imposed new requirements on 501(c)(3) organizations that operate one or more hospital facilities. Our agency has worked with healthcare organization and modified our workflows to comply with financial assistance policies, credit reporting requirements, and the use of extraordinary collection actions to minimize risk to our clients.
TCPA
The TCPA restricts telephone solicitations and the use of automated telephone equipment. Though these regulations are ever changing, our agency utilizes a dialing system that does not use predictive analytics or automation to execute its dialing strategies.
HIPAA
HIPAA legislation provides data privacy and security provisions for safeguarding medical information. Mid-South complies with the storage and segregation of medical account data within its servers in accordance with HIPAA rules and regulations.