Achieving and maintaining compliance is imperative to many of the businesses who house their infrastructure and applications at NetSource, and we take those requirements very seriously. NetSource’s datacenter maintains a wide range of compliance certifications in order to help you meet your compliance needs.
SSAE16 Type II, SOC1, SOC2
Our Chicago area datacenter is SSAE 16 Type II (Statements on Standards for Attestation Engagements), SOC1, SOC2 compliant, and we complete an annual audit to maintain this compliance. The SSAE 16 Type II audit means that NetSource implements a tested set of processes and controls at our datacenter, including security procedures for all our clients. Our tested environment is set up to handle enterprise hosting needs where items like HIPAA, SOX, and PCI compliant hosting may be required.
PCI DSS Compliance
NetSource is a PCI compliant web hosting provider. Today all ecommerce merchants are required to use a PCI DSS compliant web host for their ecommerce applications. PCI DSS, Payment Card Industry Data Security Standard, is required by all major credit card companies. As a PCI compliant hosting service provider, NetSource qualifies using the SAQ-D questionnaire, the most difficult assessment for PCI compliance. We can provide an Attestation of Compliance (AOC) to any customer that requests it in order to prove they are using a PCI compliant host.
NetSource offers managed hosting services that will help your business with PCI compliance. These services can be added to our colocation, dedicated, or cloud hosting packages.
HIPAA and the HITECH Act were created by the US and apply to healthcare providers with access to PHI (protected health information). Healthcare companies that are using a hosting service are typically required to sign a Business Agreement (BAA) with their hosting provider to adhere to security and privacy provisions mandated by the HIPAA laws. NetSource can sign a BAA and can create a hosting package to help you pass your next HIPAA hosting audit. We will customize the solution to meet both your budget, and the requirements that your HIPAA auditor is trying to achieve for your company.
Additionally, we will include your auditor in the discussion when planning your new network environment to confirm they accept the new hosting and security model. It is important that the auditor reviews the plan and accepts the process in order to ensure you are 100% compliant.
Types of HIPAA Hosting Services:
NetSource’s HIPAA hosting solutions will usually include a mix of security services similar to the following list: Physical Security in SSAE16 Type II datacenter, Managed firewalls, IDPS protection, segmentation of network zones, external and internal security scans, server monitoring, virus and security patch updates, server logging and event notification, server file monitoring and reporting, two factor authentication, encrypted backups, installation of SSLs, 24/7/365 emergency support, and a high availability network. We can customize the security solution to meet your HIPAA requirements.
We realize that managing a HIPAA environment can be a huge challenge for many companies. NetSource is here to make this process much easier for your company. Please contact us at any time for more information on our complete line of HIPAA hosting solutions.