
Data Security Policy Summary

100 Basins App Data Security Policy Summary

The CEO Water Mandate, as part of the Pacific Institute, has created and developed the 100 Basins app for companies, implementers, and other NGOs to collect and share information on various initiatives, including the 100 Priority Basins, collective action, and Net Positive Water Impact (NPWI).

Because some of the data collected can be considered potentially confidential, the app has been developed following the United States information security framework NIST SP 800-53. This includes ensuring that data is securely stored and encrypted at all times, that only approved users have access to the app, that role-based accounts give users access to only the data they need, and that the application is hosted in a SOC II audited and compliant cloud environment.

Other integrated security features include best-practice user authentication, including multi-factor authentication, and robust password management requirements.

With the exception of name and email address, no personally identifiable information (PII) is present in the application, and company data is shared only with approved third-party entities, solely for the purpose of validating NPWI claims. Companies must submit the names of any third-party validators and staff they wish to access their NPWI data. Access is time-bound, expiring automatically at the end of the designated review period.

This document is intended to provide a high-level summary of the data security posture of this app. For a full written copy of the Data Security Policy, please email contact@wateractionhub.org or reach out to any CEO Water Mandate staff member.