Blog Header Banner

Archive for the ‘HIPAA’ tag

What is HITRUST CSF Certification vs HIPAA?   no comments

Posted at Sep 27, 2018 @ 9:00am datacenter

HITRUST CSF HIPAA ComplianceThe Health Information Trust Alliance, or HITRUST, is a healthcare Common Security Framework (CSF) that includes both federal and state regulations. HITRUST certified organizations are audited by a third-party to validate specific areas, such as proper access control, security policies, asset managment, incident management, and business continuity.

HITRUST and the Health Insurance Portabilty and Accountability Act, or HIPAA, are closely related, but are not interchangeable. The purpose of HIPAA is to ensure confidentially, integrity, and availability of any data created, received, maintained, or transmitted, while simultaneously protecting data against threats. However, with the increasing amount of security incidents and data breaches in the healthcare industry, HIPAA has been falling short on providing organizations with sufficient guidelines.

HITRUST CSF was developed to provide organizations with a more effective framework to address security needs that go beyond HIPAA. It integrates many existing requirements from HIPAA and other data protection frameworks to create a universal protection standard void of any inconsistencies. HITRUST also introduces the ability for an organization to become ‘certified’. With HIPAA, there is no formal report, audit, or certification that exists.

By choosing a HITRUST CSF certified Data Center and Cloud provider, your business saves time and money by not having to become certified yourself. Best of all, you will have the peace of mind knowing your data is protected by best-in-class technology, policies, and procedures.

TurnKey Internet owns and operates its own private, SSAE-18 SOC 1 & SOC 2 certified, HIPAA compliant, datacenter located in New York’s Tech Valley region. Owning our datacenter, we have been able to design, build and maintain every aspect of its construction to provide an ideal hosted server environment. This allows us to provide our clients fast, secure and reliable performance at all times. We’ve also been able to leverage the state-of-the-art in green technologies, making our datacenter among the most energy-efficient world-wide.

 

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on September 27th, 2018

Tagged with , ,

Data Centers: Better Protection For Your Company’s Data   no comments

Posted at Aug 21, 2018 @ 10:06am data center

Data Center Security

The question of where to store data and sensitive information continues to concern many businesses. If you are like most companies, you worry about the security of your data. You may be thinking that you need to keep the data as close to you as possible, storing it at your own office server room where you can “keep an eye on everything.” How could you possible know what is happening with your data at servers far away from your office space?

The fact of the matter is, however, that your data is much more secure at a data center than on your in-house servers. A data center is able to offer you many more security features and guarantees for your data than you have in your own space. A quick look at the many benefits of cloud storage may help convince you.

  1. Data security – One of the main priorities of a data center is security. With some high-profile companies becoming the victims of data breaches in the last couple of years, data centers have upped their investments in access control, identity management, intrusion prevention and protection. These improvements have resulted in increased security protocols and more protection for communication between users and servers.
  2. DDoS protection – Distributed Denial of Service (DDoS) attacks are designed to overwhelm servers, flooding them with requests until the security breaks down and actual user needs are ignored. Such an attack can derail a business quickly, losing revenue, customer trust and authority. Data centers are now providing services that monitor and protect against DDoS attacks.
  3. Reduced in-house data costs – Migrating all of your IT infrastructure to a data center will allow you to reduce the size and cost of your on-site location. For example, you will be able to remove servers, lower your software costs and potentially reduce IT staff without compromising the integrity or security of your data. Most data center solutions are paid on an as-needed basis, so you will only pay for the amount of server and infrastructure capacity that your business needs, and you can change that amount at any time.
  4. Constant availability – Data centers are exceptionally reliable. The connection is on 99.99 percent of the time, only going down for maintenance, and you will have access to your applications and data at all times and from practically anywhere.
  5. Improved mobility and collaboration – Cloud storage is available to those who need it no matter where they are located. With today’s internet connections via tablets and smartphones, you will be able to access your data and your applications no matter what you are doing. You can also share your information and conduct collaborations via shared storage capabilities offered by data center providers

 

Once you have decided that moving your IT infrastructure to a data center is the right decision for your business, you will need to find the right provider. You are placing all of your important data in the hands of this provider, so you must make sure that you choose the right one. Technology is constantly changing and improving, and you need to be able to trust that the data center you choose will keep up with the evolution of security needs. Find out whether there are security protocols in place, including:

  • Physical security of the data center
  • Environmental controls
  • Back-up measures for power and internet
  • Back-up measures for your data
  • Technical support when you need it

 

Frequent system audits are also necessary in order to ensure that all servers meet or exceed industry standards for data security. When you are searching for a data center, ask potential candidates about their compliance to SSAE-16/18 SOC 1 and SOC 2. This set of standards measures the amount of control that a service organization maintains over your sensitive data and financial information. An audit will report any flaws in data flow.

You should also inquire about compliance to the Health Insurance Portability and Accountability Act (HIPAA). This regulation ensures the security and privacy of private health information that is stored on cloud services. A HITRUST CSF audit will demonstrate holes in the security of such specific and sensitive data.

If your data center choice is compliant with both of these standards, you can rest assured that your sensitive data will be monitored and its integrity will be maintained.

TurnKey Internet owns and operates its own private, SSAE 18 SOC 1 & SOC 2 certified, HIPAA compliant with HITRUST CSF certification, data center located in Albany, NY. Owning our data center, we have been able to design, build and maintain every aspect of its construction to provide an ideal hosted server environment. This allows us to provide our clients fast, secure and reliable performance at all times. We’ve also been able to leverage the state-of-the-art in green technologies, making our data center among the most energy-efficient world-wide. For more information about TurnKey Internet’s Green Data Center, visit: https://www.turnkeyinternet.net/datacenters/new-york/albany/

 

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on August 21st, 2018

Tagged with , , , ,

TurnKey Internet, Inc receives SSAE 18 SOC 1 & SOC 2 Certification with HIPAA Compliant Mapping   no comments

Posted at Jul 17, 2018 @ 9:34am Press Release

TurnKey Internet

LATHAM, NEW YORK (July 17, 2018) – Leading Data Center and Cloud Hosting Solutions provider TurnKey Internet, Inc. announced today that their flagship Data Center in New York’s Tech Valley has received SSAE 18 SOC 1 & SOC 2 certification with HIPAA compliant mapping. After a thorough audit, TurnKey Internet was deemed compliant with the regulations required to attain certification. The examination was conducted by SOC audit specialists The Moore Group CPA, LLC.

SSAE 18, previously known as SSAE 16 or SAS 70, contains the rules for a CPA firm conducting an attestation of a service organization’s internal controls and issuing a System and Organization Controls’ (SOC) report. The SOC certification audit investigates several core areas: security, availability, processing integrity, confidentiality, and privacy. It verifies that TurnKey Internet’s Data Center is of the utmost security, integrity, and reliability. It confirms that TurnKey Internet has procedures and safety precautions of the highest certification standard in place to ensure the security of the facility and its clients’ data within.

In addition to the SSAE 18 SOC 1 & SOC 2 certifications, TurnKey also achieved HIPAA compliant mapping. This demonstrates TurnKey’s compliance with U.S. federal and state government HIPAA regulations, standards and frameworks, regarding the security and protection of electronic personal healthcare information.

“Attaining the SSAE 18 SOC 1 & SOC 2 certification with HIPAA compliant mapping was a significant goal and milestone for us,” remarked Adam Wills, President and CEO of TurnKey Internet. “We pride ourselves on our unparalleled reliability, security, quality of service, and—most importantly—customer satisfaction. This certification not only proves that we are excelling in those areas, but also assures our new and existing clients that they are receiving the best possible service and data protection available.”

For more information about TurnKey Internet’s Albany Data Center, or to speak with a Cloud Hosting Solutions expert, visit https://www.turnkeyinternet.net/datacenters/new-york/albany/

About TurnKey Internet
Founded in 1999, TurnKey Internet, Inc. is a full-service Cloud Hosting Solutions provider with Data Centers in New York and California specializing in Infrastructure as a Service (IaaS) to clients in more than 150 countries. Services offered in both East Coast and West Coast, USA – include Public Cloud, Private Cloud, Dedicated & Bare Metal Servers, Backup & Disaster Recovery, Online Storage, Web Hosting, Managed Hosting, Hybrid Solutions and Enterprise Colocation. Headquartered in New York’s Tech Valley Region, TurnKey Internet’s Flagship company owned Datacenter is SSAE 18 SOC 1 & SOC 2 certified, as well as HIPAA compliant. The facility is powered exclusively by on-site Solar and Hydroelectric sources to provide a 100% renewable energy footprint and in 2013 was designated as the 39th ENERGY STAR® Certified Data Center in the United States. For more information, please call (518) 618-0999 or visit www.turnkeyinternet.net/media

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on July 17th, 2018

Tagged with , , , , , , , ,

Datacenter Security: Keeping your Servers and Data Safe   no comments

Posted at Sep 20, 2016 @ 9:03am New York Datacenter

datacenter-security

The question of where to store data and sensitive information continues to concern many businesses. If you are like most companies, you worry about the security of your data. You may be thinking that you need to keep the data as close to you as possible, storing it at your own on-site datacenters where you can “keep an eye on everything.” How could you possible know what is happening with your data at servers far away from your office space?

 

The fact of the matter is, however, that your data is much more secure at a cloud provider than on your in-house servers. A cloud service is able to offer you many more security features and guarantees for your data than you have in your own space. However, you have to feel comfortable with your cloud provider keeping your data. A quick look at the many benefits of cloud storage may help convince you.

 

The Benefits of Cloud Storage

Choosing to move your information and data to cloud storage is no easy decision. However, the number of benefits that cloud providers offer to you and your business can make this change well worth it. Consider the many benefits, including:

  1. Data security – Possibly the most important aspect of cloud storage, data security is the main priority of cloud services. With some high-profile companies becoming the victims of data breaches in the last couple of years, cloud providers have upped their investments in access control, identity management, intrusion prevention and virus and malware protection. These improvements have resulted in increased security protocols and more protection for communication between users and servers.
  2. DDoS protection – Distributed Denial of Service (DDoS) attacks are designed to overwhelm cloud servers, flooding them with requests until the security breaks down and actual user needs are ignored. Such an attack can derail a business quickly, losing revenue, customer trust and authority. Cloud providers are now providing services that monitor and protect against DDoS attacks.
  3. Regulatory compliance – Cloud providers are required to follow the industry and governmental regulations that oversee their sectors. This includes guarantees and restitutions for your data in the event of a breach.
  4. Reduced in-house data costs – Migrating all of your data to a cloud server will allow you to reduce the size and cost of your on-site location. For example, you will be able to remove servers, lower your software costs and potentially reduce IT staff without compromising the integrity or security of your data. Most cloud storage is paid on an as-needed basis, so you will only pay for the amount of server and infrastructure capacity that your business needs, and you can change that amount at any time.
  5. Constant availability – Cloud providers are exceptionally reliable. The connection is on 99.99 percent of the time, only going down for maintenance, and you will have access to your applications and data at all times and from practically anywhere.
  6. Improved mobility and collaboration – Cloud storage is available to those who need it no matter where they are located. With today’s internet connections via tablets and smartphones, you will be able to access your data and your applications no matter what you are doing. You can also share your information and conduct collaborations via shared storage capabilities offered by cloud providers.

 

Choosing the Right Cloud Provider

Once you have decided that storing your information on the cloud is the right decision for your business, you will need to find the right provider. You are placing all of your important data in the hands of this provider, so you must make sure that you choose the right one.

 

The best way to find the right cloud provider is to begin by talking to some of the provider’s current clients. These are the people who have already made the decision to trust the provider, and they will have the best insight into how the provider works and what it can offer. Try some of these questions to discover more about the service that you are considering:

  • Did you find the onboarding process relatively easy to accomplish?
  • Did the service provide education and training about the new technology for your staff?
  • What is the technical support like when you encounter problems with the service?
  • Have you personally experienced any serious security concerns or incidents?
  • How have your security concerns been handled by the provider?

 

If you are dissatisfied with any of the responses to these questions, you do not have to use that particular provider. Keep looking and asking questions until you find a cloud service that meets your needs and that makes you feel comfortable.

 

Your Security and Peace of Mind

Technology is constantly changing and improving, and you need to be able to trust that your datacenter will keep up with the evolution of security needs. For any cloud service, find out whether there are security protocols in place, including:

  • Physical security of the datacenter
  • Environmental controls
  • Back-up measures for power and internet
  • Back-up measures for your data
  • Technical support when you need it

 

Frequent system audits are also necessary in order to ensure that all servers meet or exceed industry standards for data security.

When you are searching for a cloud provider, ask potential candidates about their compliance to SSAE 16/SOC1. This set of standards measures the amount of control that a service organization maintains over your sensitive data and financial information. An audit will report any flaws in data flow.

You should also inquire about compliance to the Health Insurance Portability and Accountability Act (HIPAA). This regulation ensures the security and privacy of private health information that is stored on cloud services. A HIPAA audit will demonstrate holes in the security of such specific and sensitive data.

If your cloud provider choice is compliant with both of these standards, you can rest assured that your sensitive data will be monitored and its integrity will be maintained at your datacenter.

 

Choosing to put your business information in a cloud service rather than housing it on-site is an important decision that requires careful vetting of your potential provider. Once you have chosen a service, you can trust that your datacenter will keep your important information safe and secure.

TurnKey Internet owns and operates its own private datacenter located in New York’s Tech Valley region. Our SSAE-16 Certified datacenter was a former U.S. Government building that was purchased by TurnKey in 2010. It is made to U.S. Federal Government standards, with 1-foot thick concrete along the perimeter, plus additional re-inforced walls and security enhancements. We have installed advanced security systems, and infrared based surveillance monitoring cameras. Employees all undergo background screening, and clients are not permitted within the facility except with photo ID and escorted by trained security personnel at all times. Owning our datacenter, we have been able to design, build and maintain every aspect of its construction to provide an ideal hosted server environment. This allows us to provide our clients fast, secure and reliable performance at all times.

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by David Maurer on September 20th, 2016

Tagged with , , ,

Why You Should Be Concerned About Email Compliance   no comments

Posted at Sep 20, 2010 @ 11:15am News,TurnKey Marketing

Everyone has heard the expression: ignorance of the law is no excuse. Well, from the feedback I am getting it seems that many companies and organizations haven’t taken that very seriously when it comes to email system compliance. While people in the financial, insurance and medical industries are scrambling to comply with the new regulations, others may still not be aware of the laws they are violating every day. Have you heard of the following …

Financial Industry Regulatory Authority (FINRA)
Gramm-Leach-Bliley Act (commonly called GLB or GLBA)
Health Insurance Portability and Accountability Act (HIPAA)
Hedge Fund Transparency Act (HFTA)
The Sarbanes-Oxley Act (commonly called SOX)
US Securities and Exchange Commission (SEC Rules 17a-3 and 17a-4)


The Federal Rules of Civil Procedure (FRCP) apply to any organization that has the potential to be involved in litigation in the U.S. Federal Court system.
The amendments, which went into effect on December 1, 2006, mandate that companies must be prepared for legal discovery. Every organization must know where their data is and how to retrieve it. This regulation covers any organization in any industry. You are required to have the ability to produce all electronic documents, including email, for a minimum of seven years.

Considering that the average employee sends and receives multiple emails daily, the storage capacity alone needed to achieve seven years of backups is more than most office servers can handle. The most reasonable and cost-effective way to maintain this level of compliance is by utilizing a virtual email or cloud-based email server. This will provide you with the number of email accounts you need, at a price you can afford, and also include the necessary systems for archiving and retrieval. Their storage capacities have the ability to expand as needed with no additional cost to the clients.
If you are considering an upgrade to your email system, you may also want to think about technologies like Active Sync for communication with smart-phones.

Check out our offerings for fully-compliant and affordable email systems to protect your businesses! Our offerings include Active Sync with SOX and HIPAA compliance, Microsoft-exchange level features and much more.

Share : Facebooktwitterredditlinkedinmail Follow Us : Facebooktwitterlinkedinyoutubeinstagram

Written by admin on September 20th, 2010

Tagged with , , , , , ,