DataBank has announced that the organization has successfully completed its SSAE 18 System and Organization Controls (SOC) 1 and SOC 2, Type 2 examinations for the seventh year in a row. DataBank also announced the successful completion of the HIPAA and PCI-DSS assessments, citing all efforts were completed by a professional and independent third-party audit firm, 360 Advanced, Inc.
Completion of the SOC 1 Type 2 and SOC 2 Type 2 examinations is widely recognized for demonstrating an organization’s commitment to their security, compliance, and control activities relevant to user entities’ internal controls over financial reporting (SOC 1) and to the AICPA Trust Services Criteria, including: Security, Availability, Processing Integrity, Confidentiality, and Privacy (SOC 2). DataBank has once again achieved exception free reports across all tested compliance frameworks, demonstrating its commitment to delivering security customer environments.
“At DataBank security is paramount and is built into every process and procedure. We continue to focus our teams on providing meaningful and robust compliance and security solutions for our customers,” says Mark Houpt, chief information security officer at DataBank, “We are proud that our diligence has brought about exception-free SOC examinations.”
The Health Insurance Portability and Accountability Act, or HIPAA, defines policies and procedures required of companies that store, process, or handle electronic protected health information (ePHI). HIPAA compliance has become increasingly mandatory to managed service providers providing services to organizations that store healthcare data.
The Payment Card Industry Data Security Standard, or PCI-DSS, is the most widely used and industry-recognized payment-card security standard available. With payment breaches on the rise, ensuring an organization meets the most up-to-date PCI-DSS requirements is crucial for preventing financial and reputational damage. DataBank has successfully completed its PCI-DSS assessment with zero points of non-compliance.
“The team has done a series of very rigorous certifications and examinations,” cites Stacey Levas, VP of Marketing at DataBank. “The fact that we passed with no exceptions is certainly a testament to our cybersecurity strategy and our vision of how we differentiate ourselves in the marketplace.”
DataBank has maintained compliance initiatives regularly for seven years in a row.
“There is value that comes from a third-party auditor validating our organization as exception-free,” states Houpt. “Security is very important to us and to our customers. This is a big differentiator for us as we focus more on compliance in addition to other standard IT offerings.”