Using This Website
HIPAA requires that covered entities take strong measures to protect the privacy and security of electronic protected health information (ePHI). By attaining HIPAA validation through an external attestation, One Stone’s AGATE Applications provide assurance to healthcare providers and other related enterprises that its national platform of multi-tenant data centers conforms to a high standard of data security and provides a secure environment for customers’ sensitive and confidential data.
The validation asserts that the information security program governing the colocation services implements applicable control guidance in the HIPAA Security Rule and the Health Information Technology for Economic and Clinical Health Act (HITECH) Breach Notification requirements.
Each year, an external auditing firm completes System and Organization Controls (SOC) 1 Type 2 and SOC 2 Type 2 reviews of our data center facilities. The reports provide our customers with the assurance of corporate controls, including security and environmental compliance, and validation of One Stone’s AGATE Applications are committed to the most stringent standards of excellence in our data center operations.
SOC 1 and SOC 2 are attestation standards issued by the American Institute of Certified Public Accountants (AICPA). The SOC 1 report is intended to meet the needs of user entities’ management and auditors as they evaluate the effect of a service organization’s controls on the user entity’s financial statement assertions. The SOC 2 report is intended to meet the needs of a broad range of users that need to understand internal control at a service organization as it relates to security, availability, processing integrity, confidentiality, and privacy. One Stone’s AGATE Applications—SOC 2 reports include the security and availability Trust Services categories.
Each year, an independent Third-Party Assessment Organization completes an external assessment to validate One Stone’s AGATE Applications to strict adherence to the National Institute of Standards and Technology Publication Series 800-53 (NIST 800-53) high-impact baseline controls and additional Federal Risk and Authorization Management Program (FedRAMP) requirements. The scope of One Stone’s AGATE Applications assessment includes a subset of control families applicable to colocation services at our data center facilities. The utilization of the high-impact baseline controls for NIST 800-53 reflects One Stone’s commitment to successfully delivering the most rigorous compliance standards to support our customers’ Federal Information Security Management Act (FISMA) and FedRAMP compliance efforts.
NIST 800-53 is a publication that recommends security controls for federal information systems and organizations. NIST 800-53 is published by the National Institute of Standards and Technology which creates and promotes the standards used by federal agencies to implement FISMA and manage other programs designed to protect information and promote information security.
One Stone’s AGATE Applications have achieved the International Organization for Standardization certification (ISO 27001) covering both corporate policies and procedures, as well as those of all our operating data centers. The ISO/IEC 27001:2013 certification is one of the most stringent certifications for information security controls, and confirms the information security controls and other forms of risk treatment are in place to detect and defend against potential data system vulnerabilities. This prestigious, internationally-recognized certification reflects our commitment to provide One Stone’s AGATE Applications to our customers with secure, reliable, and high-performance data center colocation hosting solutions.