Locations

Languages

Governance

Rectangle shape overlay ESG Governance

Customer Privacy

Customer privacy is core to our operating procedures.

Sedgwick maintains a global information security program that’s compliant with ISO 27001, and it has policies and procedures in place to regulate data privacy and data transfers across the organization and ensure our services are compliant with data protection laws around the globe.

Regulatory and legal compliance

We have a team of cross-functional subject matter experts who work to ensure our regulatory and legal compliance. Experts from compliance, anti-fraud, legal, quality performance and line of business practices all work together to actively monitor, assess and comply with applicable requirements. Key stakeholders from across the organization also meet regularly for our data protection forums, where they evaluate our privacy program against established key performance indicators, address emerging topics and discuss ways to enrich our privacy framework.

Privacy Management

Compliance Policy

Internal Audits

Third-party Audits

Privacy Management

Sedgwick uses a privacy-centric technology platform for privacy and security management of assets, processes, vendors, incidents and data subject rights requests. Sedgwick is transparent and meets privacy law requirements including:

  • Consumer privacy and data subject rights notice at sedgwick.com/global-privacy-policy.
  • Links to the Sedgwick global privacy notice in communications.
  • Notice and ability to manage e-cookies.

Compliance Policy

We maintain a compliance policy and records retention schedule for all relevant manual and electronic document types, which are available to all colleagues via the company intranet. Requests for electronic records follow a defined process, whether for internal use or legal e-discovery to ensure compliance.

Internal Audits

Our IT security and internal audit teams conduct regular company-wide risk assessments with a variety of leaders across the global business to assess awareness and address risks to compliance with local regulations and financial reporting accuracy. The assessments are used to help management recognize areas for continued reinforcement of controls and to guide the internal audit plan, with audit committee involvement.  

Third-party Audits

Sedgwick has undertaken a series of external compliance assessments where appropriate: SOC1, SOC2, ISO 27001 and PCI. These areas focus on internal controls to protect and monitor our client’s finances, information and timely processing of claims.

Data protection and security
Management of environmental and social impacts in the supply chain