For that reason, when an organization outsources its data processing and other information-based needs, outsourcing compliance responsibilities can be an efficient, reliable method for ensuring that those elusive regulatory standards are met.
Data Dimensions remains in compliance with state and federal security requirements and adheres to all appropriate industry standards so that we can achieve our goal of providing our clients with trusted continuity of service. We ensure regulatory compliance by making sure security and privacy are integral parts of our training and ongoing, day-to-day operations.
Among the security and compliance Data Dimensions offers:
SOC 2 Type 2: In January 2017, Data Dimensions completed the Security Organization Control (SOC) 2 Type 2 audit, meeting the SOC 2 standards for security. The audit is conducted in accordance with the American Institute of Certified Public Accountants (AICPA) Trust Services Principles and assures clients that, because of the methods Data Dimensions uses, their data is secure.
HIPAA: The Health Insurance Portability and Accountability Act was enacted into law in 1996 and addresses the security and privacy of health information. The privacy rule establishes standards for the use and disclosure of Protected Health Information – information concerning health status, provision of health care or payment for health care that can be linked to a particular individual. Data Dimensions is 100 percent HIPAA compliant.
FISMA: The Federal Information Security Management Act (FISMA) was legislated as part of the E-Government Act of 2002 and requires agencies to implement programs that provide security for information and information systems that support the operations and assets of the agency. Data Dimensions is rated moderate under FISMA.
Compliance can be a difficult and expensive proposition for any organization, forcing it to devote valuable resources and employees to achieving a difficult, elusive goal. By outsourcing processes to a reliable, experience provider, the organization can rest easy, knowing it is compliant, and instead devote those resources back to its core competencies.