SOC2 Type2

eStruxture is SOC2 Type2 compliant. eStruxture maintains it's compliance with industry best practices by undergoing an independent third party audit on a yearly basis.

The SOC2 framework is intended to deliver a report specifically designed for data centers, service providers and other technology companies. Its Trust Service Principles apply to security, availability, processing integrity, confidentiality, and privacy.

Type 2 reports on the design and operating effectiveness of the service organization's controls. The Type2 report indicates that the organization has undergone an audit during a pre-determined period.

The SOC2 Type 2 report is available for private viewing by our existing customers and their auditors.

HIPAA

eStruxture also has a SOC2 to HIPAA mapping report that can be viewed at the same time as the SOC2 Type2 report. This document and table is to assist in the mapping of the Trust Services Principles, Criteria, and Illustrations for Security and Availability to the United States Heath Information Portability and Accountability Act (HIPAA).

PCI DSS

In addition to the above, we also comply with sections 9 and 12 (concerning physical premises) of the PCI DSS certification. We continue to work with PCI auditors for several of our existing customers to assist them in successfully passing their PCI DSS audits.