HIPAA Compliant Hosting
SSAE 18 SOC 1 SOC 2 (formerly SSAE 16) Certified and HIPAA, HITECH Audited
SSAE 18 SOC 1 SOC 2 (formerly SSAE 16) Certified and HIPAA, HITECH Audited
HIPAA Compliant Hosting by Atlantic.Net is SOC 1, SOC 2 certified and HIPAA audited, designed to secure critical data and records. We’re committed to providing you with the best security and compliance solutions, backed by high-performance HIPAA servers.
We offer managed HIPAA compliant hosting for organizations looking to bring focus to their core business. Whether you looking for a fully managed solution for your HIPAA servers or an unmanaged solution, you can rest assured that we are here to assist you every step of the way.
HIPAA compliance hosting is taxing – and that’s putting it lightly. The strict regulatory requirements under which your business must operate can make securing a host an absolute nightmare. Make no mistake, though – you need a host. That’s where Atlantic.Net comes in. Whatever your technical requirements, we can offer a top-grade HIPAA Compliant web hosting solution. Our offerings have all been audited by a qualified independent third party.
Ensures internal controls and best practices for physical security, availability, processing integrity, confidentiality, and privacy.
Ensures that our processes, policies, facilities, and hosting solutions comply with the latest HIPAA Audit Protocols.
Stringent testing that continues to expand to comply with HITECH Act policies and protocols.
Business Associate Agreement
24/7 Phone, Chat, & Email Support
Fully Managed Firewall
Intrusion Detection System
Linux & Window Servers
Highly Available Infrastructure
Encrypted Backup, Storage, & VPN
Log Management System
According to The Health Insurance Portability and Accountability Act (HIPAA), there are two different types of organizations that must ensure compliance: covered entities and business associates. Atlantic.Net falls into the latter category; a third-party entity contracted to handle protected health information(PHI).
In order to both comply with the law and assure our clients that we’re committed to keeping their information safe, we’ve drafted up a HIPAA Business Associate Agreement. This HIPAA-Compliant document is critical to our relationship with healthcare firms and medical practitioners alike, as it firmly establishes parameters for our use of PHI. The following three components are central to this contract:
In conjunction with our SSAE 18 SOC 1 SOC 2 (formerly SSAE 16) certified data center, our BAA shows that we’re committed to keeping the private healthcare information of our clients both safe and secure. Moreover, it shows that we’re willing to go beyond the minimum standards of compliance established in HIPAA. Healthcare businesses who choose us as a host have the peace of mind that can only come from knowing that they’re partnered with a veteran - and one that’s completely committed to their best interests, at that.
We've served thousands of colocation clients over the past two decades, and we know exactly what our clients need. We’re confident that if you host with us, your data will be safe - and more importantly, that it’ll be accessible exactly when and where you need it. That’s a promise.
Thanks to our fully-redundant infrastructure and high-quality on-site security, colocation has never given better peace of mind. Colocation clients enjoy an industry-leading service-level agreement which promises 100% uptime - hosting with us means neither your network nor your infrastructure will never make your data inaccessible. Factor in our superior on-site security, and it’s clear why we’re the logical choice for colocation if you’re in the healthcare industry.
We offer fully-secured, custom-sized cabinets and colocation cage space, to be scaled up or down according to your needs.
The applications run by healthcare companies are frequently incredibly resource-intensive, requiring a dedicated server imply to operate effectively. This server, whether a dedicated or virtual system, needs to be both secure and compliant. That’s doubly true if the company is a healthcare application service provider, which routinely manages patient data from a wide array of firms.
Once again, Atlantic.Net is fully-equipped to deliver.
Our design includes an application server that can be adapted to your needs whether your architecture is physical or virtualized. Even better, all Atlantic.Net application servers are protected with a full suite of security components, including a Fully-Managed Firewall appliance, an encrypted VPN with an optional GeoTrust SSL, and a powerful Intrusion Prevention System with proactive monitoring.
Perhaps the most frequent reason for a healthcare provider to look into hosting services is the operation of a database in order to store patient and organizational data. We’ll provide you with whatever format of database best meets your needs - and it’ll be affordable no matter what your choice. Whether you choose Microsoft SQL Server, MySQL, or PostgreSQL, we've got you covered.
Our HIPAA-compliant database security incorporates our fully-managed firewall appliance, an encrypted VPN with SSL technology, and our intrusion detection system. Further, everything we do that concerns your hosting plan is considerate of compliance implications; we honor regulatory parameters at all times.
Here are just a few benefits of choosing to host your database with Atlantic.Net:
In addition to managed/unmanaged dedicated servers, we offer virtualization hosting solutions with the following hypervisors:
With data breaches occurring with greater and greater frequency on the modern web, your healthcare organization needs to do everything in its power to keep itself safe. Atlantic.Net can help. Our fully-managed and compliant Intrusion Prevention System allows us to consistently keep track of your security, allowing you to stay focused on your core competencies.
Our IPS works off of a continually-revised database of malware and other potential hazards, and features customizable security infrastructure that allows us to tweak it to your specific needs. We routinely test and re-test all components of our IPS, and allow upgrades on an as-needed basis. Threats are monitored and prevented in real-time.
Our IPS also features a powerful Firewall Appliance which connects to each interface, monitoring everything from CPU usage to response rate for gateways. For those of you who require traffic shaping and simultaneous connection limitations, both are easily configurable. All of this is available at minimal cost - meaning you’ll have access to world-class security at a price that won’t leave you tapped out.
One of the stipulations of HIPAA is that healthcare organizations must utilize an antimalware application to remain compliant. Here at Atlantic.Net, we trust Trend Micro Anti-Malware to protect clients from malicious software.
Virtual Environments: Preserve performance and consolidation ratios with comprehensive agentless security built specifically to maximize protection for virtual environments.
Optimized for Server Environments: Optimizes security operations to avoid antivirus storms commonly seen in full system scans and pattern updates from traditional security capabilities.
Virtual patching: Shield vulnerabilities before they can be exploited, eliminating the operational pains of emergency patching, frequent patch cycles, and costly system downtime.
Compliance: Demonstrate compliance with a number of regulatory requirements including PCI DSS 3.0, HIPAA, HITECH , FISMA/NIST , NERC , SSAE 18, and more.
Trend Micro Deep Security Anti-Malware
Trend Micro Deep Security Network Security Package
Trend Micro Deep Security Integrity Monitoring
Trend Micro Deep Security Log Inspection
In addition to our IPS system, Atlantic.Net provides a powerful set of managed firewall components, designed with optimal affordability and security in mind. We’re able to create out-of-the-box solutions for just about any configuration, including Linux servers or even Cisco ASA Firewalls. Reporting maintains historical information on every aspect of your system related to network security, including CPU utilization, firewall states, WAN gateways, and traffic shaping.
By default, we deploy an OpenBSD stateful firewall that allows you to granularly control your states. This allows you to limit states per host, new connections per second, state timeout, state type, and simultaneous client connections. It allows the handling of multiple states, as well. Have a look for yourself:
It also offers a number of state table optimization options:
Last but certainly not least, our dedicated firewalls are connected to a management service that’ll help you ease the burden of monitoring.
This management service allows us to help you implement switches that can be used to set up encrypted VPN connections (we support OpenVPN, IPsec, and PPTP by default) to and from your hosted servers. HIPAA compliance requirements are kept central to the entire process, from management to maintenance to troubleshooting. It’s efficient, too - we realize that your time is important, so we stay with you every step of the way to make compliance a breeze.
All Atlantic.Net clients by default have access to our Network Address Translation Utility, designed to allow them to quickly and easily shape how their network functions. It features easy configuration for port forwarding (including ranges and the capacity to support multiple public IPS), outbound NAT, and advanced load balancing for both inbound and outbound connections. Integrated with the firewall appliance, it can be readily set up with full redundancy thanks to pfsync and CARP from OpenBSD.
The rapid growth of data, shrinking backup windows and budgets, scaling issues, and multiplatform environments currently in place in the healthcare industry all present significant challenges for server administrators. Atlantic.Net seeks to help. Through our powerful Server Backup Manager - a fast, affordable platform for both Linux and Windows - we perform backups either daily or in real-time for each of our HIPAA clients. Incremental backups are done at the block level for advanced speed, and clients have full control over when, where, and how their data is stored. Data is by default kept in our SSAE 18 SOC 1 SOC 2 (formerly SSAE 16) Orlando data center, secured through both on-site measures and by a suite of powerful and robust security software.
In addition to a host of customization options, our backup platform is also equipped with robust monitoring tools, portable backups, point-in-time snapshots, and the ability to perform a bare-metal restore at any point in time. We support backups for the majority of virtualized platforms, as well as a wide range of SQL servers and databases.
You can read a little more about what our backup system offers below.
Atlantic.Net is a market leader in cloud hosting, with over two decades of experience in the industry. It shows - especially when you look at our support team. Signing up as a cloud hosting member with us means you'll have 24/7 access to a crop of dedicated veterans, capable of solving any technical problem you throw their way.
“After evaluating a range of managed hosting options to support our data operations, we chose Atlantic.Net because of their superior infrastructure and extensive technical knowledge.”
“We switched to Atlantic.Net and we couldn’t be happier. Their customer support is PHENOMENAL. They worked with us to create, customize and configure environments for each one of our clients.”
“Atlantic.Net’s reputation for 100% up-time, their secure infrastructure and expertise in Healthcare IT were key components in finalizing our partnership. Our partner’s financial strength and proven track record are something we view with great confidence.”
© 2018 Atlantic.Net, All Rights Reserved.