Snap Surveys provides survey software and web based survey services to a wide variety of organizations worldwide. We have offices in the UK in central London and Bristol, and in the US in Portsmouth, NH.
Our customers include national and local government bodies, universities, charities and a wide variety of commercial organizations, including market research organizations undertaking research projects for their own customers.
One consequence of this global coverage is that requirements arise from time to time for Snap Surveys as an organization, or one or more of Snap Surveys products and services, or certain data or systems, to comply with particular laws, standards or regulations in various parts of the world.
It is precisely because of the inherent diversity of such requirements, and the control that individual customers have over survey invitations, content and presentation of questionnaires, together with the data gathered, that Snap has chosen one overarching security standard to cover all systems.
International gold standard security
Snap Surveys takes seriously its obligation to provide all our customers worldwide with survey software and services that conform to the best available security, accessibility, and professional guidelines.
That’s why we are proud to be independently audited and certified by Lloyds Register Quality Assurance as being compliant with ISO 27001, the internationally recognised gold standard for information security systems.
The following is an extract from the ISO website:
ISO 27001 assists organisations in the development of an information security management system that is integrated, comprehensive and incorporates globally-recognised best practices. For example, this global standard has assisted organisations in the US comply with such regulatory acts as:
- The Health Insurance Portability and Availability Act (HIPAA)
- Gramm-Leach-Bliley Act (GLBA)
- The Californian Senate Bill 1386
- Online Personal Protection Act
- Sarbanes-Oxley Act (SOX)
- Federal Information Security Management Act
For more information about ISO standards see:
Host data in the UK, the US, or on your own servers
We understand that data location is an important consideration. That’s why we have packages available through which you can choose dedicated US or UK based servers if that is preferred or required. You can also install Snap Surveys management system on your own servers.
Snap Surveys’ UK and US based data centres are hosted at Microsoft Azure, Rackspace and ANS Group (previously UKFast), all of which are ISO 27001 certified. We carefully selected our hosting providers as they offer the same high standards of information security, so you can be sure your data is safe with us.
As an alternative to our online subscription service, you can also run our online survey management system on your own servers. A growing number of our customers are choosing this option as it offers complete control over your surveys and data. This might be considered the highest possible level of compliance with HIPAA for example, as keeping all protected data on the covered entity’s systems means no business associates are required.
If you have specific requirements above and beyond the assurance provided by ISO 27001 we are very happy to discuss them with you.
Secure online survey delivery
Security levels are maintained both for the service itself, for the platform it is running on, and for the backup and support services behind it.
Data security is our top priority and is not optional. The security package is standard on all new accounts, and comprises:
- ISO/IEC 27001 certified
- UK(EU) and US data centres
- US data centres are SAS 70 / SSAE 16 certified
- Secure (https), encrypted questionnaire and report delivery
- Data encrypted at rest
- Permanent malware scanning
- Latest security updates applied
- Daily vulnerability scan
- Daily backups
- Optional questionnaire login ID / password
- Enforced password policy for survey management
- Multi-Factor Authentication (MFA) is available to provide an extra layer of security when signing in
Surveys accessible to all
Snap Surveys web questionnaires are compliant with WCAG (Web Content Accessibility Guidelines) devised by W3C (the World Wide Web Consortium) and with US Section 508 requirements. For details see accessibility.
Although some aspects of WCAG compliance are the responsibility of the user, Snap Surveys software includes many features that enable the production of questionnaires that go well beyond those requirements. We work with both RNIB (Royal National Institute of Blind People) and Action on Hearing Loss (previously RNID) to ensure that we provide as much support as we possibly can for users and respondents with impairments.
Snap Surveys Corporate Professional and Commercial “Best Practice” Bodies
- ISO/IEC 27001:2013 Information technology, Security techniques, Information security management systems certification
- Corporate member of the Association for Survey Computing (www.asc.org.uk)
- Founding Member of the Triple-S Group (www.triple-s.org)
- Individual staff Members and Fellows of the British Computer Society
- Individual staff Associate and Full Members of the Market Research Society
- Corporate member Insights Association
- Corporate member Council of American Survey Research Organizations
- Better Business Bureau Accredited Business
- Registered supplier to the US Government under the GSA Schedule
- Meet the National Data Guardian’s 10 data security standards for the NHS Digital Data Security and Protection Toolkit.
- Registered supplier to Financial Services under FSQS.
Snap Surveys Limited and Snap Surveys NH, Inc. are committed to protecting and respecting your privacy.
Software Legal and Service Agreements
Snap Surveys Software, legal, and service agreements including; 30 day money back guarantee, Customer Support and Piracy Policy.
We have always taken data protection and the security of all of your data (whether personal or not) very seriously. Since 2013 we have been certified to ISO 27001, the international standard for best practice for information security management systems. We prepared well in advance for GDPR by building on our ISO and Data Protection Act compliance frameworks.
NHS Digital Toolkit
We have met the standards set out by the NHS Data Security and Protection Toolkit.
This is a standard that provides assurance of our commitment to good data security and the protection of all personal information.
You can view our official listing on the NHS website here. Organisation Details (dsptoolkit.nhs.uk)