WeConnect Data Center Compliance
WeConnect Data Center services include fully certified and audited PCS DSS, PCI, and Service Organization & Trust Principles SOC2 Annual Reports, at no charge, on top of securing protected health information to ensure full HIPAA compliance.
WeConnect Data Center
WeConnect Data Center secures your clients’ protected health information (PHI) data to ensure compliance with HIPAA requirements. We also execute Business Associate Agreements (BAA) agreements with you and your customers.
WeConnect Data Center LLC has implemented reasonable and appropriate standards, management policies, and procedures, which comply with these HIPAA Privacy and Security Rule Standards and Implementation Specifications. Since key HIPAA specifications are tested as part of the Trust Services Principles: Security Criteria within the SOC 2 Audit, as noted within the SOC 2 Description of Systems (Section I), and procedures were completed for the Trust Services Principle: Security Criteria, (SOC 2 Section III). The SOC 2 documents provide a cross-reference table that clearly provides the linkage between HIPAA defined security rules and the Security Principle Control Reference Number (#) for each SOC 2 Security Criteria noted within Section III of the A-Lign SOC 2 report.
The HIPAA “Core Areas Security Rule Standards and Implementation Specifications” are cross referenced to the “SOC 2 Control Refer-ence (Security Principles)”, which is included in Section III of the SOC 2 report. Further, the cross-reference table represents the HIPAA Security Rule Standards and demonstrates Metro Data Center LLC’s ability through the SOC 2 Procedures to comply with each individual specification.
Health Insurance Portability and Accountability Act (HIPAA) is a set of standards introduced by the U.S. Congress in 1996. The Act is made up of rules governing protected health information (PHI) including Security, Privacy, Identifiers, and Transactions and Code Sets. The purpose of the HIPAA Security Rule is to promote the protection and privacy of sensitive PHI used within the healthcare industry by organizations called “covered entities”. As a result of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009, both covered entities and business associates are now accountable to the HHS and individuals for appropriately safeguarding private patient information.
WeConnect Data Center executes business associates agreements with its clients; where applicable. These HIPAA Security Rule Standards and Implementation Specifications have four major sections, created to identify relevant security safeguards that help achieve compliance: 1) Physical; 2) Administrative; 3) Technical; and 4) Policies, Procedures and Documentation Requirements.
WeConnect Data Center
PCI DSS Compliance
WeConnect Data Center services include our fully Certified and Audited PCS DSS, PCI Annual Report for you and your customers, at no charge.
Companies that handle credit card account data are required to be compliant with PCI DSS. Organizations may require additional compliance validation through a third-party audit of the following requirements:
- Procedures to Protect Cardholder Data and Implement Strong Access Control Measures
- Building and Maintaining a Secure Network
- Maintain a Vulnerability Management Program
- The Regular Monitoring and Testing of Networks
- Up-to-date Information Security Policy
PCI DSS Compliance Defined
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.
WeConnect Data Center
SOC 2 Audit Compliance
WeConnect Data Center services include our fully Certified and Audited Service Organization and Trust Principals SOC2 Annual Report to you and your customers, at no charge.
WeConnect Data Center, LLC, one of Ohio’s fastest-growing Data Centers has passed the Service Organization Control (SOC) 2 audit, earning a final report of clearance and official from its auditor A-Lign. This certification validates WeConnect Data Center’s ability to provide service to national accounts, financial institutions, healthcare and other professional service organizations. It also confirms WeConnect Data Center’s commitment to honesty, security, confidentiality, integrity, and trust.
This audit validates WeConnect Data Center’s ability to provide services to the following:
- National Accounts
- Financial Institutions
- Professional Service Organizations