24 Sep

Datacate Completes SOC 2 Type II Audit, Includes HIPAA and Cloud Security

Internet technology se21972 312 SOC NonCPA 300x298 - Datacate Completes SOC 2 Type II Audit, Includes HIPAA and Cloud Securityrvices provider Datacate has completed a independently conducted  Service Organization Control (SOC) 2sm Type II audit of its Colocation and Cloud Services System, with additional mappings for HIPAA compliance and Cloud Security Management (CSM). The audit was conducted by JNN Group, a data governance and analytics consulting firm that specializes in business analytics, data security and data privacy.

Datacate had previously completed a SOC 2 Type I audit with HIPAA mappings, including the relevant administrative, physical, and technical safeguards to protect electronic protected health information (e-PHI). SOC 2 Type I and Type II both report on the non-financial reporting controls and processes at a service organization as they relate to the Trust Services Principles (TSP). The Type I report attests that the controls are suitably designed and implemented. The Type II report goes further, attesting to the operating effectiveness of the controls by auditing operating records over a minimum six-month period.

The HIPAA and CSM sections of the report attest to Datacate’s compliance with those standards by mapping SOC controls to the corresponding criteria in HIPAA and CSM. Due to extensive overlap between TSP criteria and that of HIPAA and CSM, this unified SOC “plus” report effectively attests to Datacate’s compliance with all.

cloud security alliance 300x107 - Datacate Completes SOC 2 Type II Audit, Includes HIPAA and Cloud SecurityBy completing this audit, Datacate also earned a CSA STAR Attestation. THE CSA STAR Attestation is a collaboration between CSA and the AICPA to provide guidelines for CPAs to conduct SOC 2 engagements using criteria from the AICPA (Trust Service Principles, AT 101) and the CSA Cloud Controls Matrix. STAR Attestation provides for rigorous third party independent assessments of cloud providers.

Datacate completed this independent audit as of August 31st, 2018, as part of its commitment to providing the highest quality of products and solutions for clients across a range of industries. Datacate’s SOC 2 Type II report can be made available upon request to Datacate clients who have executed an NDA. Datacate has also commissioned JNN to produce a SOC 3 report, which provides similar attestations as the SOC 2 Type II report but with all confidential information removed, making it suitable for public distribution. Datacate’s SOC 3 report can be downloaded directly from Datacate’s website; no NDA is required.

  • SOCSM is a registered service mark of the American Institute of Certified Public Accountants (AIPCA).
  • Cloud Controls Matrix (CCM) is a controls framework that provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.

About Datacate
Datacate provides secure, reliable high-availability Internet technology solutions for business. Datacate was founded by a team of professionals who are committed to excellence in service and support, catering to clients’ needs with a personal touch. This commitment means keeping up with the latest technologies, procedures, and innovations. By constantly finding new ways to improve and identify efficiencies, we are able to keep both our clients and our own business ahead of the curve.

About JNN Group
static1 300x215 - Datacate Completes SOC 2 Type II Audit, Includes HIPAA and Cloud SecurityJNN Group is a Data Governance, Risk Management, Compliance, and Analytics Consulting Firm. Our team is composed of elite data analytics and data governance professionals who are committed by the power of data to create extraordinary outcomes for clients in heavily regulated industries. Our collective experience with data security and information governance for the World’s largest law firms and Fortune 500 companies led us to create a company formed around this core belief: “Leveraging the potential of massive data sets does not require a massive team. Only the right people, armed with the right tools.”