Online Security Policy for Multiplicity of the Mind Learning Center

Access Control:

• Multiplicity of the Mind Learning Center will restrict access to participant accounts and related information, granting access only to authorized individuals.
• Access to participant course and performance information will be maintained securely and confidentially, ensuring that only authorized personnel have access.

Authentication and Authorization:

• Access to online webinars, which provide continuation education credits, will be restricted to authenticated and authorized users only.

Handling of Sensitive Information:

• Multiplicity of the Mind Learning Center will handle credit card information securely, following the most current defined PCI security standards. We have partnered with Square, a PCI-compliant payment processing platform, to ensure the secure handling of payment data.

Third-Party Data Sharing:

• Multiplicity of the Mind Learning Center does not engage in any third-party data sharing. Participant information is kept confidential and is not shared with any external parties without explicit consent.

Compliance Monitoring:

• Multiplicity of the Mind Learning Center will regularly review its online security policies and procedures to ensure compliance with regulatory requirements and industry standards. Any updates or changes to these policies will be communicated to participants in a timely manner.

Data Security Measures:

• Multiplicity of the Mind Learning Center will implement appropriate technical and organizational measures to ensure the security of participant information, including encryption, access controls, and regular security assessments. Regular audits and reviews of security measures will be conducted to identify and address any vulnerabilities or weaknesses.

Data Breach Monitoring and Response Plan:

• Multiplicity of the Mind Learning Center maintains a comprehensive data breach monitoring and response plan, including the following steps:

1. Identification:
   • Promptly identify any unauthorized access, disclosure, or loss of sensitive information, including participant names, addresses, email addresses, professional license numbers, and workshop attendance records.
2. Containment:
   • Immediately isolate and contain the affected systems or areas to prevent further unauthorized access to sensitive data.
3. Notification:
   • Notify affected individuals whose sensitive information may have been compromised, providing details about the breach and steps they can take to protect themselves, such as monitoring their accounts for suspicious activity.
4. Investigation:
   • Conduct a thorough investigation to determine the cause and scope of the breach, including assessing any vulnerabilities in the systems or processes that led to the incident.
5. Remediation:
   • Take necessary measures to address the vulnerabilities identified during the investigation, such as implementing additional security controls or updates to prevent future breaches.
6. Documentation:
   • Document all actions taken during the response process, including the timeline of events, findings from the investigation, and steps taken to remediate the breach.
7. Review and Improvement:
   • Review the incident to identify lessons learned and areas for improvement in data security practices. Update policies, procedures, or systems as needed to enhance security measures and prevent similar incidents in the future.
8. Communication:
   • Maintain transparent communication with affected individuals throughout the response process, providing regular updates on the status of the breach investigation and any additional measures being taken to address the incident.

By adhering to this Online Security Policy, Multiplicity of the Mind Learning Center is committed to safeguarding the confidentiality, integrity, and availability of participant information, thereby providing a secure environment for continuing education activities.