Enhanced Privacy and Security at Forethought

By Forethought Security Team
A gold lock lays on a keyboard next to two chipped cards.

Let’s talk about data. 

We collect more data than ever before and often, we don’t know where it goes. 

As your business grows and your customer base expands, so does the need to protect that growth and new customer and company data. 

When establishing partnerships and relationships with companies who utilize your company and customer data, it’s important you’re aware of the privacy and security measurements being taken by the companies consuming your data. 

At Forethought, customer trust comes first. 

We take the responsibility of managing your customer data seriously and are committed to jumping through the necessary hoops to enhance our platform to help ensure data privacy. 

Many businesses these days often work with vendors as sub-processors in order to manage and send sensitive data. This is usually a liability and there’s a better way to go about it. According to the United Nations Conference on Trade and Development, 133 countries have legislation in place to protect data and privacy and many more have laws currently in legislation. 

And Forethought has made that easier. 

Forethought is now the first company in the customer service AI (Artificial Intelligence) platform space to create processes that enable mechanisms to redact sensitive data such as Personally Identifiable Information (PII), Protected Health Information (PHI), and Financial records (i.e, bank and credit card info) as a default.

There are a few benefits to this approach:

  • This removes the privacy burden put on you and your business to manage vendors who have access to your confidential and critical information
  • Assists your company aligning with data minimization policies
  • Reduces compliance burdens with data residency requirements
  • Creates a safer version of AI by removing any possibility for discriminatory practices from input data 

Privacy Burden Removed with Third-Party Review

Your data is important. Forethought’s process removes the privacy burden placed on businesses who use vendors to process confidential and critical information. When using a vendor to manage your data there is always a lengthy process to onboard the vendor (ex: legal, compliance, and security review.) Removing the need to store sensitive data reduces the required extensive vendor review to onboard vendors since sensitive data is not stored. Removing this privacy burden also reduces another attack vector that could lead to possible security breach and notification to customers

Align with Data Minimization Requirements

Many regulations (ex: Article 5(1)(c) of the General Data Protection Regulation and HIPAA 45 CFR 164.502(b), 164.514(d)) and jurisdictions have been pushing companies and entities to follow the principle of data minimization — only collecting data that is adequate, relevant, and limited to what is necessary for specified purposes. Forethought is best aligned with this approach since no sensitive data is ever stored. 

Reduce Data Residency Requirements

Data residency laws require that companies operating within a country keep data about its citizens on servers located in that country. When accessing sensitive data elements, a majority of data residency requirements are required. Forethought is aligned with AWS’s approach to Data Residency requirements that policy solutions, such as data transfer agreements and leveraging well-reputed international security accreditations, can serve as sufficient means to address data residency objectives. Forethought has successfully completed SOC2 and HIPAA assessments. In addition the redaction of any sensitive data provides additional assurance to assist companies with completing internal and external assessments on achieving this requirement.

Create a Safer AI 

Currently, there are regulators on a mission to develop guidance and frameworks to help detect and stop discriminatory practices from AI models. As a a result of Forethought’s sensitive data redaction, our AI models do not intentionally make discriminatory decisions based on a user’s population, race, or gender, which allows for less susceptibility to discriminative practices. 

Forethought’s approach helps companies deploy Forethought solutions worldwide and avoid the worry about complying with local regulations for data handling since general regulated data points such as PII are redacted and never stored at Forethought. So far, Forethought has been able to redact over 300+ million interactions and ensure the safety and privacy of customer data. These enhanced privacy mechanisms are applied within all of Forethought’s products.

Security is at the forefront of everything Forethought does. We are committed to protecting your data and protecting your data on our platform. Our security team is available to answer any questions or concerns you may have regarding these enhanced security measures. Please contact them at [email protected]

Download

Forethought's guide for navigating the evolving landscape of customer support for 2021 and beyond.

Get your copy
Call to action decor Call to action decor