Tri-Point Solution's Compliance Services
HIPAA, PCI, ITAR, SOC & More…
Tri-Point recognizes the pressures on businesses to meet compliance and regulatory obligations. Let Tri-Point’s Compliance Services maintain and manage those for you.
Our team of experienced compliance experts is dedicated to helping customers from across industries with their compliance issues. The team is available to every client and can assist you in achieving your particular compliance goals, whether it’s HIPAA, PCI, ITAR, SOC, GLBA, GDPR or many others.

HIPAA Compliance

PCI Compliance

ITAR Compliance

SOC 2 Compliance
The SOC compliance certification independently verifies the validity and functionality of a data center’s control activities and processes. We generate requested SOC reports and “bridge letters” for our customers upon their request.

GLBA Compliance
The Gramm-Leach-Bliley Act, enacted in 2000, requires financial institutions to take steps to ensure the security and confidentiality of their clients’ records. Click the button below to learn more about this compliance requirement and to see if your company is required to have it.

GDPR Compliance
The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. This compliance requirement also addresses the export of personal data outside the EU and EEA areas.
HIPAA Compliance
Tri-Point’s Compliance Services provides complete protection for the healthcare industry to comply with HIPAA security requirements and standards. Our data centers teamed with our compliance services have been a key component to support our healthcare clients in satisfying their HIPAA security requirements.
Remember, the HIPAA Security Final Rule (CFR 164.308(a)(1)) states that you MUST get your data off-site and backed up frequently in case of a server crash, database disruption or loss. Not only are off-site backups required, but the HIPAA Rule (CFR 164.312(e)(1)(B)) states that high-level encryption is REQUIRED to protect your data. Avoid the $50K per incident fines that can escalate to up to $1.5 million for all violations per the HIPAA Civil Monetary Penalty (CMP) ruling. Let Tri-Point put your organization in full compliance with our HIPAA compliance specialists.
PCI Compliance
Tri-Point’s data centers provide PCI compliant environments, from physical security to information security policies and controls.
We also have in-house security and compliance expertise as well as third-party auditing partners to help navigate the often challenging path toward PCI compliance.
These are some of the policies that we make sure are in place with your organization:
Acceptable Use Policies
Incident Response Policies
Password Policies
External Connection Policies
Remote Access Policies
Wireless Access Policies
Confidential Data Policies
Mobile Device Policies
Network Security Policies
Data Retention Policies
Encryption Policies
Email Policies
Outsourcing Policies
Backup Policies
Physical Security Policies
Network Access and Authentication Policies
ITAR Compliance
Tri-Point customers that have a client requirement for the ITAR compliance standards recruit us to maintain a limited scope of ITAR audit certifications from an external audit firm covering HR onboarding practices, physical and logical access and authorization, environmental controls, and other requirements. Tri-Point ensures that all customer data is physically covered and protected within our data centers, which physically reside in the U.S., and is physically and logically accessible only by employees who are U.S. citizens. Contact Tri-Point below for more info.
SOC 2 Compliance
A Type 1 SOC audit looks at a service provider’s controls at the specific moment the assessment is performed. The Type 2 SOC audit looks at controls that are in place today and have been functional for at least six months prior to the audit date. As a result, SOC 2 audits are much more rigorous and are specifically targeted towards information security and information system availability.
Tri-Point has chosen to perform the more rigorous Type 2 SOC audit within its data centers, and we continually update our SOC compliance reports every year to ensure there are never any gaps between reports. This assurance demonstrates to our customers that we are 100% committed to protecting them and their data.
GLBA Compliance
The GLB Act specifies that, to ensure the security and confidentiality of an organization’s financial records and other information, appropriate standards must be established for the financial institutions subject to regulators’ jurisdiction relating to administrative, technical and physical safeguards.
Organizations are required to ensure the security and confidentiality of client records and information; protect against any anticipated threats or hazards to the security or integrity of such records; and protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any client.
Tri-Point’s hosted cloud services not only meet, but exceed, all the physical and environmental controls outlined in the National Institute of Standards and Technology (NIST) Special Publication 800-53 for low and moderate systems.
GDPR Compliance
Tri-Point assumes the responsibilities as a “Data Processor” that are defined in our contracts and are limited to the logical and physical security of data in accordance with the services outlined in service agreements between Tri-Point and its customers. Tri-Point does not have a business need to view, modify, manipulate, transmit, or otherwise use the personal data to deliver contracted services. Tri-Point is responsible for notifying a customer of a data breach impacting EU personal data without undue delay and no later than 72 hours under GDPR. However, Tri-Point exceeds this by providing breach notification to affected or potentially affected customers within 24 hours in accordance with our Security Incident Response Policy.
Tri-Point customers are responsible for:
- Defining specific, explicit and legitimate purposes for data collection
- Depending on the type of data, obtaining explicit consent or unambiguous consent from data subjects
- Minimizing the amount of personal data collected or processed
- Maintaining, correcting or protecting the integrity of the personal data
- Defining and implementing appropriate data retention periods
Let Tri-Point’s Team of Experts Keep You Compliant
For organizations subject to regulatory requirements, our comprehensive compliant hosting solutions ensure the highest standards concerning our customers’ data protection and uninterrupted access to their data, and the option of hosting on-site or in the cloud.
Tri-Point's Team Are Compliance Experts. Rely on Us to Keep Your Data & Security Compliant
Private clouds offer secure, enterprise-class solutions on a robust, scalable and fully redundant architecture for your production workloads. Multi-tenant clouds also provide production-grade “instant capacity” for backup and disaster recovery.
Control Costs
Tailor your solution to your business needs and applications.
Manage Time
Reduce recovery resources, ensuring accuracy and security.
Reduce Risk
Monitored backups and multiple recovery options.
Maintain Control
Manage and monitor resources through the Tri-Point Portal.
Get a Free Quote, Take a Tour, or Learn More About Tri-Point.
Office
500 South Lynn Riggs Blvd
Suite #166
Claremore, OK 74017