DiversityInc Top 50 Data Security Policy and Procedures

 

Data Submission Security Process

An alphanumeric code is assigned to each company and cannot be used by any other organization. All IP addresses for every session utilizing your company’s unique code are tracked. Our data-management practices are ISO/IEC 27002 compliant.

Data Storage

The web-based survey tool, the statistical-analysis system and all data submissions are on three separate dedicated servers at a leading IT company that deploys a multilayered physical security approach and complies with the U.S.–EU Safe Harbor Framework and the U.S.–Swiss Safe Harbor Framework.

Data are retained for year-to-year aggregate trending information.

Access to Data at DiversityInc

Administrative access is limited to two DiversityInc employees and credentials are changed every 30 days.

Confidentiality Agreements

Because of the volume of participants (we estimate more than 1,000 this year), we will not sign individual agreements. This published statement applies to all companies submitting data.

DiversityInc, Subpoenas and Lawsuits

The DiversityInc Top 50 survey is a purely editorial process and, therefore, is subject to state laws on source confidentiality. Since DiversityInc is headquartered in New Jersey, which has one of the strongest shield laws in the country to protect source privacy, we have never agreed to even cooperate with a lawsuit in 15 years of running the survey. If subpoenaed, we will not testify, even if asked whether a company has submitted data.

How DiversityInc Top 50 Data Are Analyzed

We use SAS software and have developed algorithms to statistically evaluate the data we collect. The evaluation is metrics driven. We measure respondents’ answers based on their assessment against other organizations with similar workforces. For more on the methodology of the ranking, click here.

Credibility of Submission 

We require the CEO, the CHRO or another corporate officer to sign every submission (notarized). This applies to all companies.

Why are you asking companies to submit EEO-1 information this year?

We are giving extra credit to companies that either send us a link to a public disclosure of their EEO-1 numbers or send us the information separately. We will not publish their EEO-1 data. The EEO-1 data will be compared with the DiversityInc submission.

Do you share any of our data with the public when the list is announced or do you write about it?

We only publish information about companies that make the DiversityInc Top 50 list or one of our Specialty Lists. Any information that is shared is positive and does not disclose human-capital data.

For more on DiversityInc, click here.

More on the DiversityInc Top 50