Trust Your Sensitive Data to OnRamp’s Certified Colocation and Cloud Services.
The Health Information Trust Alliance (HITRUST) is the organization that created and maintains the Common Security Framework (CSF). Formed by top healthcare and IT professionals, HITRUST is the new benchmark for enterprises that seek complete, yet cost-effective HIPAA compliance. OnRamp is one of the very few recognized hosting providers that’s completed the demanding process to become fully certified on HITRUST’s Common Security Framework (CSF) and pass on the security benefits to you.
To improve the efficiency and effectiveness of the health care system, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, included Administrative Simplification provisions that required HHS to adopt national standards for electronic health care transactions and code sets, unique health identifiers, and security. OnRamp offers fully-HIPAA compliant hosting, colocation and cloud services.
PCI compliance exists to protect the data of credit and debit cardholders, as well as eliminate or minimize data breaches and other security incidents. The PCI DSS specifies 12 high level requirements involving the protection of payment card data during processing, storage, or transmission in order to maintain PCI compliance. OnRamp offers full PCI DSS 3.2 compliant services.
The Statement on Standards for Attestation Engagements no. 16 (SSAE 16) is the new “attest” standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants. As an SSAE 16 / AICPA SOC 2 Type 2 and SOC 3 certified company, OnRamp has met or exceeded standards for logical and physical access, security of environment and information, backup/recovery, and secure storage.
The American Institute of Certified Public Accountants (AICPA) developed the Service Organization Controls (SOC) standards to safeguard the privacy and confidentiality of information stored and processed in the cloud. OnRamp’s Service Organization Controls (SOC) Reports are conducted by an independent third-party as an examination of key compliance controls and objectives. OnRamp has achieved SOC 2 Type 2, and SOC 3 Report
The Federal Information Security Modernization Act of 2014 (FISMA 2014) updates the Federal Government’s cybersecurity practices by codifying Department of Homeland Security (DHS) authority to administer the implementation of information security policies for non-national security federal Executive Branch systems, including providing technical assistance and deploying technologies to such systems. OnRamp is FISMA certified.
Bridging the gap between regulations issued in the U.S. and EU for data privacy, the EU-U.S. Privacy Shield Framework was created by the Department of Commerce in coordination with the European Commission to provide U.S. businesses with the ability to self-certify their compliance with European privacy standards. OnRamp self-certifies with EU-U.S. Privacy Shield and commits to the EU-U.S. Privacy Shield requirements for data transfers across the EU and Switzerland.
The Family Educational Rights and Privacy Act (FERPA) of 1974 is a U.S. privacy law designed to protect student records, including personally identifiable information (PII) with administrative, physical and technical safeguards. FERPA allows for educational agencies and institutions to use third-party cloud and/or IT infrastructure providers, like OnRamp, for the outsourcing of information technology functions including the storage of education records. OnRamp has the most secure compliant hosting solutions to meet FERPA’s rules and regulations associated with protecting sensitive data.