SSAE-16 SOC 2 Type 2 Compliant Data Centers

CareTech Solutions’ data centers are now following the new standard for controls for hospital data center hosting. SSAE-16 SOC 2 Type 2 compliant data centers more closely align with internal hospital audit processes and improve the technical standards for reporting on your service providers.

Enable Consistent Auditing Controls for Service Organizations

SSAE-16 has superseded SAS70 standards. This change occurred because SAS70 was being stretched from a financial audit over to a technical area and was violating the spirit of the audit. AICPA put forth SOC 2 framework specifically for technical service providers such as data center providers, SAAS vendors, cloud-computing vendors and I.T. managed service providers and brought forth a new technical standard in the SOC 2.

Provide Improved Standards for Reporting

SSAE-16 SOC 2 Type 2 standards enable an auditor to issue a report stating whether the controls are adequate in the following five Trust Services Principles (TSP) that SOC 2 brings:
  • The security of a service organization’s system
  • The availability of a service organization’s system
  • The processing integrity of a service organization’s system
  • The confidentiality of the information that the service organization’s system processes or maintains for user entities
  • The privacy of personal information that the service organization collects, uses, retains, discloses and disposes of for user entities

Expect the Best

Your organization should expect to see a current SSAE-16 SOC 2 report from all your technical service providers and CareTech goes the extra mile to ensure that audit is being performed in a timely manner and shared with our clients. The bottom line is that you can continue to expect and receive the highest levels of standards, reporting and audit controls at all CareTech Solutions’ hospital data center locations.