HIPAA Compliance
Storage Guardian's Technology & Services are HIPAA Compliant
As of April 2005, HIPAA's security standards mandate that all health care providers establish a contingency plan to respond to any type of computer disaster involving potential data loss. Storage Guardian's technology complies with the following HIPAA requirements:
- User authentication
- Role based access
- Encryption of data (AES128, AES192, AES256 bit encryption)
- Offsite data storage outside of the organization
- Secure storage facilities
- Transmission Reports
Storage Guardian's Internet Vaulting solution is completely secure and can protect your organization in the case of any type of data loss. Please refer to the table below for a more detailed look into how Storage Guardian's secure remote backup solution enables businesses to instantly comply with HIPAA regulations:
| HIPAA Privacy Rule | Storage Guardian | Covered Entity |
|---|---|---|
| Safeguards: §164.530(c)(1) | | |
| * Administrative §164.308 | YES | Enabled by Storage Guardian |
| * Technical §164.312 | YES | Enabled by Storage Guardian |
| * Physical §164.310 | YES | Enabled by Storage Guardian |
| Access to PHI §164.524 | NO - Covered Entity has the only encryption key | YES |
| Amendment to PHI §164.526 | NO - Covered Entity has the only encryption key | YES |
| Encryption of PHI §164.312 | YES | YES |

| HIPAA Security Standards Matrix | Storage Guardian | Covered Entity |
|---|---|---|
| Assigned Security Officer §164.308(a)(2) | YES | ... |
| Access Authorization §164.308(a)(4) | NO - Only covered entity has access to PHI | YES |
| Security Incident Reporting §164.308(a)(6) | YES | ... |
| Contingency Plan: Data Back-up §164.308(a)(7) | YES | YES |
| Contingency Plan: Disaster Recovery §164.308(a)(7) | YES | YES |
| Business Associate Agreement §164.308(b)(1), 106.103 | YES | ... |
| Facility Access Controls §164.310(a)(1) | YES | ... |
| Device & Media Controls §164.308(d)(1) | YES | YES |
| Access Control §164.312(a)(1) | YES | YES |
| Transmission Security §164.312(e)(1) | YES | YES |

SAS 70 Type II
Storage Guardian's Technology & Services are SAS 70 Type II Certified.
Storage Guardian has received SAS 70 Type II certification from SAS 70 International.
What is SAS 70 Certification?
SAS 70 is an internationally recognized accounting standard established in 1992 by the AICPA. The certification is achieved through an audit or examination that is conducted by an independent auditor. SAS 70 is the subject of increased interest in the face of regulatory mandates such as Sarbanes-Oxley and in the growth of business process outsourcing and Software-as-a-Service (SaaS).
What does Storage Guardian's certification mean for your company?
To put it simply, it means you can rest assured that your data is safe. Our top priority continues to be the safekeeping and security of your important and confidential data. This is a professional, third-party guarantee that we are standing by that commitment and providing the highest quality service to our customers.
FIPS
What is the certification for Cryptographic Module Validation Program FIPS 140-1 and FIPS 140-2 Modules In Process List?
Modules validated as conforming to FIPS 140-1 and FIPS 140-2 are accepted by the Federal Agencies of both the United States and Canada for the protection of sensitive information. The National Institute of Standards and Technology (NIST) established the Cryptographic Module Validation Program (CMVP) that validates cryptographic modules to Federal Information Processing Standards (FIPS) 140-1 Security Requirements for Cryptographic Modules, and other FIPS cryptography-based standards.
What does Storage Guardian's certification mean for your company?
It means we have passed rigorous security standards using independent, accredited Cryptographic and Security Testing (CST) laboratories to test our modules against requirements found in FIPS PUB 140-2, Security Requirements for Cryptographic Modules. These requirements cover 11 areas related to the design and implementation of a cryptographic module. NIST's Computer Security Division (CSD) and CSEC jointly serve as the Validation Authorities for the program, validating the test results and issuing certificates.
CICA 5970
Storage Guardian is CICA 5970 Type B certified by SAS 70 International.
