Green House Data pairs stringent internal policies with third-party external audits to meet regulatory and industry compliance standards.

Background checks for every employee. Documentation at every turn. Four layers of physical security. These are just some of the independently audited measures taken by Green House Data to maintain compliance with HIPAA and SSAE 16 Type II requirements. We can help your company meet PCI, SOX, or GLB standards, too.


SSAE 16 Type II



Green House Data has maintained compliance with the Health Insurance Portability and Accountability Act (HIPAA) since 2011, and offers HIPAA compliant cloud and colocation solutions across all locations. If you are in need of a Business Associates Agreement (BAA), Green House Data will provide a signed BAA outlining security and compliance measures. 

Read more about HIPAA compliance


SSAE 16 Type II

SSAE 16 Type II demonstrates the latest security and audit standards for data centers. This designation is especially important for companies that are publicly traded or governed by strict industry regulatory entities such as healthcare, government, or banking.

Independent auditors have reviewed Green House Data policies and procedures in order to verify the controls that mitigate risk and deliver high performance services. The audit covers access (both physical and digital), change management processes, documentation, and client control considerations.

data center security cameraWhat is the difference between Type II and Type I?

Green House Data holds the Type II designation of the SSAE 16, which confirms that all of the Green House Data facilities capably operate with both design proficiency for internal controls and the operational effectiveness of this design for at least a six-month time period. Type I only measures adequacy for a specific date in time and does not audit operational effectiveness.

Green House Data is SOC 1 and SOC 2 across all facilities.

Contact us to request a copy of our SSAE 16 Type II attestation.



Green House Data infrastructure and protocols qualify us for PCI, Gramm-Leach-Bliley (GLB), and Sarbanes-Oxley (SOX) compliance, but each individual deployment must meet additional requirements for these compliance standards. If your hosted environment will deal with sensitive financial information, let expert technicians help you craft a compliant deployment for any of these standards.

Looking for another compliance standard?

We might be able to help you meet compliance standards not listed here—contact us today with more details and we'll do our best to accommodate.

For more information about security protocols, see the Facility Security or Cloud Security pages.

Chat Now