alseT Hosting’s Health Insurance Portability and Accountability Act (HIPAA)-compliant infrastructure and management services solve the complexity and ongoing effort of HIPAA compliance for healthcare organizations and solution providers.
HIPAA has led the movement to electronic health records, stronger data protection, and better access to patient records. Fortunately, alseT Hosting’s comprehensive HIPAA compliant hosting and cloud solutions can help organizations meet all relevant standards, optimizing security and performance in the process. We deliver best-in-class network infrastructure, physical security and technical controls. All of this helps to ensure your patients’ protected health information (PHI) truly stays safe.
With the evolution that electronic medical records has provided, a number of benefits, to patients and providers, includes increased access to healthcare information, reductions in errors, and improvements in the speed and quality of claims processing. HIPAA/HITECH provides a set of standards to ensure that healthcare providers can rapidly take advantage of new technology. The technical safeguards subsection of HIPAA/HITECH standard provides best practices and requirements to limit security concerns when it comes to access, file and system integrity, authentication, and the transmission of secured data.
The physical safeguards subsection of HIPAA/HITECH standard addresses the implementation of secure safeguards that cover information systems dealing with equipment and facilities. These include: facility access controls, workstation use, workstation security, and device and media controls.
At alseT Hosting we provide you the peace of mind that your data is safeguarded, as much, or more so, as your customers require. That’s why we offer a Business Associate Agreement (BAA) for all of our HIPAA-compliant customers. Included in the BAA is reporting for any security incidents and audit trails.
The Payment Card Industry (PCI) Data Security Standard (DSS) was created by the major credit card issuers, and applies to companies that accept, store process and transmit credit cardholder data. PCI & DSS were developed to create a common standard for cardholder data security on a global basis. alseT Hosting engineers will work with you to determine the right approach for your business.
alseT Hosting supports PCI compliance by offering a private and isolated platform, along with a security methodology, designed to comply with PCI standards for secure computing. Our defense in depth methodology begins with physical security and extends through all layers of the logical architecture.
The PCI & DSS ensures the safe handling of sensitive information and is intended to help organizations proactively protect customer account data. Since alseT Hosting does not have access to customer data, applicability is restricted to physical security access to the customer’s equipment through a combination of management systems and physical access safeguards and procedures.
When it comes to PCI compliance there are12-basic requirements to the data standard.
At alseT Hosting all our servers are maintained in secured data center facilities that are staffed 24/7/365. Each facility contains physical access controls, vehicle barriers, camera coverage, guarded checkpoints, multi-factor biometric scanning, locked suites, cages and locked cabinets.
alseT Hosting has engineers that will design and deploy compliance-based solutions to suit your requirements. Using our truly hybrid infrastructure, we balance economics, redundancy, availability, scalability, performance, and isolation to arrive at an optimal solution for you.
SSAE 16 / AICPA SOC 2 Type 2 Compliance
alseT Hosting understands the importance of ensuring the utmost transparency in internal controls and procedures. We want our customers to know they can trust alseT Hosting to provide managed hosting services that meet the strictest control standards and industry best practices.
All of alseT Hosting Data Centers must operates and adhere to SSAE 16 / AICPA SOC 2 Type 2 standards for compliance. The Statement on Standards for Attestation Engagements no. 16 (SSAE 16) is the new “attest” standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants. Formerly known as “SAS 70,” an SSAE 16 audit includes controls over information technology and related processes, policies and procedures, including operational activities, and validates everything is performing at optimal standards regarding security, availability and operating integrity.
Audits like SSAE16 confirm that data center operators’ controls meet established standards of suitability, design, and effectiveness. SSAE16 defines a “control” as anything that comes into contact with a data center’s hosting products, or, “the services provided, along with the supporting processes, policies, procedures, personnel, and operational activities that constitute the service organization’s core activities that are relevant to user entities.”
- Logical and Physical Access
- Security of Environment and Information
- Secure Storage
We are committed to the evolving standards and will continue to demonstrate our compliance, quality of service and assurance so your organization can feel confident in choosing alseT Hosting.
alseT Hosting looks to only partner with the most efficient Data Centers in the Industry. Our Data Center Partners must hold a Gold or Platinum rating level under LEED (Leadership in Energy and Environmental Design). This program is a voluntary rating system for energy efficient buildings that is overseen by the US Green Building Council.
A single word to describe LEED certified data centers is “sustainable.” Here are some characteristics of a typical LEED certified data center.
- Advanced cooling system to reduce energy consumption. There are many different ways to implement a cooling system. A few examples are: using outside air and cooling it by evaporation to cool the facility; deploying custom servers that operate at higher temperatures and using cold air containment pods with variable speed fans to match airflow with server requirements.
- Improved cooling efficiency. Using a chilled water storage system, for instance, has the potential to transfer up to 10,400 kWh of electricity consumption from peak to off-peak hours daily therefore, improving cooling efficiency.
- Reduced energy consumption. Monitoring power usage in real-time and leveraging analytics during operations helps to allocate power judiciously. Distributing power at higher voltages reducing power loss, and eliminating energy-draining transformers both help to convert power to the appropriate voltage. This will reduce the generation of heat. The overall aim is to maintain low power usage effectiveness (PUE), which is the measure of the energy used beyond the IT load.
- Using a clean backup power system. One innovative approach is replacing the football field sized room full of batteries that powers the uninterrupted power supply, with mechanical fly wheels and a diesel engine. This reduces emissions, noise pollution and fuel consumption.
- Using renewable energy. Extensive use of renewable energy, such as solar power, to reduce dependence on the grid and fossil fuels is a characteristic of all green data centers.
- Green construction. Construction of the facility also influences LEED certification. Using recycled materials for construction, purchasing materials near the site to reduce consumption of fossil fuels and diverting construction waste to nearby landfills reflects positively on LEED ratings.
- Intelligent design. Adopting an in-row design confines the heat to a smaller area, reducing the space to cool and, therefore, reducing electricity consumption considerably. Similarly, a modular design helps to contain cooling only to the required area instead of cooling the entire facility.
11516 N Port Washington Road, Suite 2B
Mequon, WI 53092
18 S Michigan Ave, 12th Floor
Chicago, IL 60603
3701 W Burnham
Milwaukee, WI 53215
720 Hawthorne St
Alexandria, MN 56308
4121 Perimeter Center Place
Oklahoma City, OK 73112