“DriveSavers is the only data recovery service provider in the industry to post proof that it undergoes annual, company-wide SOC 2 Type II audits as well as all data privacy and data security compliance standards. Our customers in the healthcare industry know that DriveSavers can preserve the integrity of their electronic protected health information.”
-Michael Hall, CISO, DriveSavers
About the WiRED Security Incorporated HIPAA Security Compliance Evaluation:
Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Omnibus rules, providers have an obligation to assure their Business Associates are complying with these regulations. DriveSavers Data Recovery engaged WiRED Security Incorporated to provide an independent review of their corporate information security policies. The purpose of this review was to ensure that DriveSavers Data Recovery in its role as a Business Associate (BA) meet the compliance requirements imposed by HIPAA. The scope of this engagement included reviewing and updating corporate information security policies as required, to meet this objective.
Information security best practices were used along with the objectives set forth under HIPAA to conduct this assessment. The assessment was done to ensure that the language and processes used would meet regulatory requirements and safeguard sensitive health information.
The DriveSavers Data Recovery information security policies meet the demonstrated requirements and obligations as required for its role as a Business Associate under HIPAA compliance rules. Their information security policies show that they are committed to providing a secure computing environment and provide reasonable protection for the data that is entrusted to them by their clients and business partners.
WiRED Security endorses that DriveSavers Data Recovery corporate information security policies meet the demonstrated requirement and obligations as required for its role as a Business Associate under HIPAA compliance.
This designation was the result of facility reviews, documentation reviews and control testing performed by two independent third parties who validated the effectiveness of DriveSavers technical security controls related to DriveSavers SOC 2 Type II.
WiRED Security Evaluation Compliance Report
Certified Secure Recovery of Electronic PHI
HIPAA compliance and annual SOC 2 Type II audit verify our qualifications to handle enterprise-class recoveries and support those customers who must maintain compliance with data privacy and data security regulations such as:
- NIST (National Institute of Standards & Technology) SP 800.34 (Rev.1)
- HIPAA (Health Insurance Portability and Accountability Act)
- SOX (Sarbanes-Oxley Act of 2002)
- GLBA (Gramm-Leach-Bliley Act of 1999)
- FERPA (Family Educational Rights and Privacy Act)