Each year, Netgain goes through exhaustive security audits to ensure our physical environment as well as our processes and procedures are in line with what’s needed to protect our clients’ data. The Department of Health and Human Services defined a series of national standards for the security and privacy of protected health information but failed to define a recognized auditing standard for compliance reporting. In the absence of healthcare specific auditing standard, Netgain selected the Statement on Standards for Attestation Engagements 16 Type II audit (SSAE-16).
The SSAE 16 audit reports on controls at a service organization relevant to security, availability, processing integrity, confidentiality, and privacy. The audit evaluates and tests Netgain’s internal policies and procedures including data storage, building and data center access/security, change procedures of hardware and software, and customer data security.
Recently, Netgain completed its fifth annual SSAE-16 SOC 2 Type II audit. The SSAE-16 provides Netgain customers with assurance of corporate controls, including security and environmental compliance, and validation of Netgain’s commitment to the most stringent standards of operational excellence.