Tag Archives: SAS 70 certification

HITECH Act – New HIPAA Privacy Law and the Service Providers

I was recently interviewed by Ms. Melanie Azam of the Orlando Business Journal for her story about the new HIPAA privacy laws taking effect on February 17, 2010, passed as part of the 2009 stimulus package.  She wrote an informative article about the new HIPAA regulations, which will affect companies that service the health care providers.

As discussed in the article, these new regulations will have a major impact on companies that deal with electronic medical health records, as they affect both the storage and safety of health-related records.  The newly passed Health Information Technology for Economic and Clinical Health (HITECH) Act applies to the service providers and accounting, software, and law firms working with medical records and medical providers, leaving many companies scrambling to get on board with the new, more rigorous privacy laws and regulations. Continue reading

Atlantic.Net Completes SAS70 Data Center Compliance!

Operating sophisticated data centers requires expertise and proficiency in many areas surrounding maintenance, proper controls and checks and balances. Atlantic.Net has long been serving clients that require world class infrastructure with adequate security controls in place and recently announced our SAS 70 certification. SAS 70 compliance confirms reliability, security, availability and processing integrity of our core products which include Managed Server Hosting, Dedicated Servers, and Server Colocation.

What is SAS 70 Audit?

The SAS 70 audit, or Statement on Auditing Standards (”SAS”) No. 70, was developed by the AICPA as a means of auditing and reporting on the effectiveness of operations and controls of a service provider. It is also considered an operational compliance benchmark for companies with the passage of the Sarbanes-Oxley Act of 2002.   A service auditor’s examination performed in accordance with SAS No. 70 (“SAS 70 Audit”) is widely recognized and represents that a service organization has been through an in-depth audit of their control objectives and control activities, which often include controls over information technology and related processes. Continue reading