We do the work. You get our audit reports.
Online Tech's culture of compliance lowers your organization's risk of outsourcing IT infrastructure with our investment in annual reporting of ongoing compliance auditing against multiple compliance standards. You know that our compliance isn't an automatic proxy for your organization's compliance, but having our complete documentation in hand to provide to your auditors will make it easier for your audits - not more complex
We love our auditors. They make us stronger and better at reducing risk. UHY LLP audits Online Tech's processes, people, facilities, and services against the following with annual reporting. Ask for a copy of our audit reports to cure your sleepless nights.
HIPAA OCR Audit Protocol
Our processes, facilities, products, and services are independently audited to the guidelines outlined by the Department of Health and Human Services Office of Civil Rights in their OCR HIPAA Audit Protocol. Claims of "HIPAA Compliant", "HIPAA Certified" and "HIPAA Ready" abound. Don't take chances. Ask for and read the opinion of a qualified independent auditor and decide for yourself if the safeguards meet your organization's standards.Learn more
PCI DSS Data Security Standards
We undergo annual penetration testing, vulnerability scanning, and independent auditing against the most current PCI DSS compliance standards to ensure cardholder data remains protected. Don't take our word for it, ask for the audit report or consult the VISA list to give you confidence that your PCI hosting partner can protect consumer information.Learn more
SSAE 16/SOC 1 and SOC 2 Compliance
What originated as the AICPA's SAS 70 audit has now evolved to the SSAE 16 or SOC 1 audit report. This report allows an organization to specify the controls they wish to be audited against. We take it one step further with the SOC 2 audit and standardized expectations for protecting digital data to ensure sensitive data is appropriately controlled. If you are subject to financial reporting regulations, don't settle for anything less than business partners that will share evidence of an independent auditor's opinion of their SOC 2 controls to prove compliance with Sarbanes-Oxley requirements.Learn more
We take privacy seriously and comply with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Maintaining trust with our clients and the digital information of their customers is paramount.Learn more