Privacy by Design

At Nasdaq Verafin, information security and data privacy are fundamental principles guiding our mission to protect the fabric of the global financial system. Data privacy is inherent in our software development lifecycle from start to finish.

Nasdaq Verafin adheres to the 7 Foundational Principles of Privacy by Design as developed by Dr. Ann Cavoukian.

Proactive Not Reactive; Preventative Not Remedial

Nasdaq Verafin’s software development lifecycle formally bakes in data privacy from start to finish, rather than taking the “bolt-on” approach.

Privacy as the Default Setting

We maintain SOC2-audited processes as a testament to our security, data minimization and privacy principles.

Privacy Embedded into Design

By formally including privacy and security principles at all stages of the development process, we ensure key requirements such as data minimization are always met.

Full Functionality: Positive-Sum, Not Zero-Sum

Nasdaq Verafin became a cloud-native solution in 2012. This visionary move allowed us to include Privacy by Design (PbD) from the ground up, ensuring data protection for financial institutions. Cloud adoption has also enabled Nasdaq Verafin to scale our products to meet the ever-increasing demands of financial institutions, rapidly developing and deploying new analytics while continuing to meet financial institutions’ privacy requirements.

End-to-End Security: Lifecycle Protection

Using innovative solutions such as Field-Level Encryption, data hashing, application data masking, Role-Based Access Management and cryptographic destruction of data, Nasdaq Verafin manages the security of financial institutions’ data throughout the entire data lifecycle.

Visibility and Transparency: Keep It Open

Our shared responsibility for security and privacy is underlined by our dedicated Data Protection Officer, whose role is to oversee compliance and address any privacy concerns, as well as our AVP of Data Governance, who works with all stakeholders in the business to ensure we meet the highest privacy standards by intent, design and practice.

Nasdaq’s General Data Protection Regulation (GDPR) program has been in place since 2016, predating the enforcement date by two years.

We provide annual, audited, mandatory security and privacy awareness training to all staff, and annual mandatory secure coding training for technical staff to ensure everyone at Nasdaq Verafin knows their part in protecting our financial institutions’ data.

Respect for User Privacy: Keep It User-Centric

This is built into our products from the ground up, with many features such as Data Lifecycle Management tools allowing financial institutions to control key facets of data privacy.
