Home / Archives for data center compliance

Kara Manon Indiana Data Center Disaster Recovery

June 1, 2012 by · Leave a Comment 

As a data center located in Indiana, outside of metropolitan areas for added security, Data Cave is the logical choice for an Indiana disaster recovery service provider. Close to Indianapolis, Louisville and Cincinnati, we house customers of all sizes and with any power, managed services and connectivity needs. In fact, we have customers from all over the country. Whether you are in Michigan, Oregon, New Jersey or wherever, we can protect your data and business. If you are looking for Colocation, Disaster Recovery, a Private Cloud, Offsite Backup or Business Continuity seats, as a Tier IV facility, you can bet your equipment will remain safe, secure, always available and private with Data Cave.

Data Cave is an SSAE 16 compliant data center and we provide healthcare, financial services and other regulated organizations the opportunity to exceed compliance with HIPAA, HITECH, PCI, GLBA, SOX and any other regulations. In fact, we have developed whitepapers to help you better understand these regulations and how to comply with them.

Solving the Mystery of HIPAA and HITECH

A Guide to Financial Services Regulations

A Tier IV data center means that we are truly fully redundant and provide our clients with maximum uptime. In fact, since we opened, we have provided all of our customers with 100% uptime. A remarkable feat for any data center, especially a Midwest Indiana data center that has to deal with the blows that Mother Nature brings. With our purpose built structure, we are able to provide protection from EF5 tornadoes. That’s 200+ mph winds!

Stop losing money to downtime! If you are looking for an Indiana data center, look no further. We can provide you with the best security and uptime (not to mention a knowledgeable and friendly staff) that your company needs to survive in this technology driven world.

Call us at 866-514-2283 or use our Contact Us page to request more information.

Filed under business continuity, Colocation, Compliance and Regulations, disaster recovery, HIPAA, Informational, outsourcing, Security, Weather · Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Kara Manon Whitepaper: A Guide to Financial Services Regulations

May 24, 2012 by · Leave a Comment 

MasterCardThe financial services industry — banks, savings and loans, credit unions, financial advisors, asset management firms, and third-party providers that process information for these businesses — face a myriad of federal and state regulations regarding privacy protection and business continuity planning.

The stakes are high for complying with these regulations. Any sort of breach in releasing protected personal information — from account numbers, Social Security numbers, and names and addresses — can cost a company dearly in lost good will, trust with customers and steep monetary fines that can be charged per record released.

Figuring out how to comply with the seemingly endless and overlapping regulations can be can be a tricky and risky business.

That’s why we at Data Cave have developed a new whitepaper to help you understand data privacy laws pertaining to the financial services industry and why you should consider using a data center like Data Cave to meet those regulations.

For more information contact us or call 866-514-2283.

Filed under Compliance and Regulations, Informational, outsourcing · Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Kara Manon Data Centers and HIPAA Compliance

October 11, 2011 by · Leave a Comment 

There have been questions about what role a data center plays when it comes to HIPAA. We want to address what requirements and obligations data centers have when working with clients in the healthcare industry.

First of all, what is HIPAA? The acronym stands for the Health Insurance Portability and Accountability Act of 1996, enacted to protect the health information of patients. When you visit a doctor’s office or the emergency room at your local hospital, all the people seeing your medical history have signed some sheet of paper, promising to keep your information private. This means to disclose healthcare information, they must have your permission (or authorization from the proper authorities in cases of child abuse, etc.). HIPAA also covers how physical and electronic data is handled and secured. Healthcare entities must backup their data and have a disaster recovery plan in place. This is where data centers come in.

The Health Information and Technology for Economic and Clinical Health (HITECH) Act was enacted on February 17, 2009. This Act requires covered entities to disclose breaches in Protected Health Information (PHI). The covered entities and their business associates that “access, maintain, retain, modify, record, store, destroy, or otherwise hold, use, or disclose unsecured PHI” are required to notify the Department of Health and Human Services or any breaches. The business associates must notify the covered entity of a breach who in turn notifies the individuals involved (patients) and the HHS if more than 500 individuals were affected. From the statement above, data centers like Data Cave, would be considered a business associate.

The problem is there is much to speculate on what this actually means. Some data centers use HIPAA compliance as a marketing tool. Let me make something clear, there is no certification for HIPAA. A data center can be HIPAA compliant, which is what we at Data Cave consider ourselves. Some pay an outside source to come in, look around, and put their stamp of approval on the facility. For Data Cave, meeting HIPAA compliance means limiting people with access to equipment, including our own staff. This also means notifying the proper channels when someone has been near a healthcare entity’s equipment. With most healthcare companies, they are going to want to manage their own equipment, which means our staff wouldn’t need to touch it anyway. However, for a data center doing managed services, facility staff would be responsible. In that case the facility would enter into an agreement with the customer to maintain confidentiality. In the event of a breach, whether virtual or physical, a data center would notify the customer (the covered entity) who would, in turn, notify the HHS if applicable.

In other words, no one can claim HIPAA certification. To take it a step further,  the essence of a data center is to be secure; so in that case, aren’t we all HIPAA compliant?

To find out more about Data Cave and HIPAA compliance, call us at 866-514-2283 or Contact Us via our website.

Filed under disaster recovery, HIPAA, Informational, Security · Tagged with , , , , , , , , , , , , , , , , , , ,