Third-Party Audit Attests to Carbonite’s HIPAA Compliance as a Business Associate
Validation Process is Assurance of Data Security Integrity
BOSTON, May 29, 2014 (GLOBE NEWSWIRE) -- Carbonite Inc. (Nasdaq:CARB), a leading provider of hybrid backup and recovery solutions for businesses, has successfully completed a rigorous data management security examination by an outside assurance/compliance auditor, and has met strict compliance requirements of the Health Insurance Portability and Accountability Act (HIPAA).
"As a data protection solutions provider and Business Associate to our customers in the healthcare industry, security is core to our brand," commented Danielle Sheer, general counsel and vice president, Carbonite. "We believe it is imperative to not only conduct routine internal security audits, but achieve compliance approvals from independent outside auditing firms as well."
Carbonite began assessing and documenting the administrative, technical and physical safeguards it uses to protect customer data in preparation for the September 2013 update to HIPAA regulations that changed the definition of a Business Associate. The company completed the process in advance of the deadline, and brought on a third-party partner to ensure the right steps had been taken to meet HIPAA compliance requirements.
The rigorous six-month assessment was executed by 360 Advanced, Inc. (www.360advanced.com), a national, multi-service, licensed Certified Public Accountant (CPA) and Qualified Security Assessor (QSA) firm that specializes in integrated compliance solutions for service providers related to internal controls, security, confidentiality, privacy, processing integrity, availability and other elements critical to information surety.
"The Carbonite team was focused on ensuring internal controls were in place to meet or exceed HIPAA requirements. The results of our independent HIPAA assessment at Carbonite identified no relevant exceptions to the design or operation of the system of controls," said Dan Collins, president of 360 Advanced. "Completing HIPAA and other formal compliance examinations enhances a service provider's reputation for security, reliability and professionalism, and can give it a competitive advantage in an era in which data breaches are becoming more frequent and costly."
"The compliance requirements and security protocols are incredibly detailed and specific," commented Sheer. "I would recommend that all service providers rely on an independent expert's oversight and guidance."
Carbonite (Nasdaq:CARB) is a leading provider of hybrid backup and recovery solutions for businesses. Carbonite offers a comprehensive suite of affordable services for data protection, recovery and anywhere, anytime access. More than 1.5 million customers, including 50,000 small businesses, trust Carbonite's secure, easy-to-use cloud backup solutions and award-winning U.S.-based customer support. For more information, please visit Carbonite.com, connect with us on Twitter @carbonite or visit our Facebook page.