Green House Data pairs stringent internal policies with third-party external audits to meet regulatory and industry compliance standards across data center and IaaS environments.
Background checks for every employee. Documentation at every turn. Four layers of physical security. These are just some of the independently audited measures taken by Green House Data to maintain compliance with HIPAA and SSAE 18 (SOC 1 and 2) requirements. We can help your company meet PCI, SOX, or GLB standards, as well.
Seconds matter to us, and Green House Data's highly available and always-on infrastructure means our staff can access reliable medical data at a moment's notice. In addition, Green House Data's HIPAA compliance ensures we never have to worry about the safety of our records.Cheyenne Regional Medical Center
Green House Data has maintained compliance with the Health Insurance Portability and Accountability Act (HIPAA) since 2011 and offers HIPAA-compliant cloud and colocation solutions across all locations. If you require a HIPAA Business Associates Agreement (BAA), Green House Data will provide a signed BAA outlining security and compliance measures.
Read more about HIPAA compliance.
SSAE 18 (SOC 1 and 2) demonstrates the latest security and audit standards for data centers. This designation is especially important for companies that are publicly traded or governed by strict industry regulatory entities such as healthcare, government, or banking.
Independent auditors have reviewed Green House Data policies and procedures in order to verify the controls that mitigate risk and deliver high-performance services. The audit covers access (both physical and digital), change management processes, documentation, and client control considerations.
What is the difference between Type II and Type I?
Green House Data holds the Type II designation of the SSAE 18, which confirms that all of the Green House Data facilities capably operate with both design proficiency for internal controls and the operational effectiveness of this design for at least a 12-month time period. Type I only measures adequacy for a specific date in time and does not audit operational effectiveness.
Green House Data is SOC 1 and SOC 2 across all facilities.
Contact us to request a copy of our SSAE 18 (SOC 1 and 2) attestations.
Green House Data infrastructure and protocols qualify us for PCI, Gramm-Leach-Bliley (GLB), and Sarbanes-Oxley (SOX) compliance, but each individual deployment must meet additional requirements for these compliance standards. If your hosted environment will deal with sensitive financial information, let expert technicians help you craft a compliant deployment for any of these standards.
We may be able to help you meet compliance standards not listed here—contact us today with more details and we'll do our best to accommodate.