LeaseWeb USA, the U.S. entity of one of the world’s largest hosting brands, has announced that its IaaS platform complies with all the applicable requirements in the U.S. Health Insurance Portability and Accountability Act (HIPAA).
The third-party statement of recognition by independent auditor EY would allow customers in the United States to make the LeaseWeb hosting platform part of their overall HIPAA compliance process, while also providing international customers with the assurance that their data will be well protected.
“Individual medical information is some of the most important information that an organization must protect,” said Lex Boost, COO of LeaseWeb USA. “LeaseWeb Infrastructure users now have a powerful statement of security and the knowledge that LeaseWeb can help them counter concerns over issues like data security and business resilience.”
HIPAA sets out standards for security controls to safeguard Protected Health Information (PHI) that is stored or processed online. PHI includes virtually all individually identifiable health information that is collected during the provision of a medical service. The HIPAA-ready hosting environment is housed at the company’s data center in Manassas, Virginia.
EY noted that LeaseWeb USA’s HIPAA-compliant hosting environment meets all the applicable standards for logical and physical security, operational resilience, incident management, service deployment and change management.
LeaseWeb recently rebuilt its internal assurance and compliance framework to better accommodate rapid international growth in both customers and the standards that needed to be met. The resulting ‘LeaseWeb Trust model’ would allow auditors for LeaseWeb customers to verify “quickly and easily” that the services provided by LeaseWeb meet all current requirements.
“The most important factor in business is trust,” added Mr. Boost. “The LeaseWeb Trust model clearly outlines the areas that are covered and then transparently shares that information. This removes a major headache for our customers, helping them reach the high standards they set for themselves.”
In addition to being HIPAA compliant, LeaseWeb has achieved ISO 27001:2013, PCI DSS certifications and SOC 1 Type II assurance reports for all its independent global entities.