Compliance & Security at AxiaTP
The AxiaTP Difference is found in our NCS (Network, Compliance, Security) and PSP (Post Sale Process) standards, in addition to our relentless commitment to quality service and value. Our professional staff has decades of implementation and process/workflow experience, and our PSP is detailed, organized and tracked via interactive project management software. With complex regulations and standards, AxiaTP guarantees security and is a name you can trust.
The Federal Information Security Management Act (FISMA) requires each federal agency to develop, document and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor or other source.
SOC 2® COMPLIANT
AICPA’s System and Organization Controls (SOC) for Service Organizations are internal control reports on the services provided by a service organization. They share valuable information that users need to assess and address the risks associated with an outsourced service.
SOC 2 Reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability and processing integrity of the systems the service organization uses to process users’ data, and the confidentiality and privacy of the information processed by these systems.
PCI DATA SECURITY STANDARD COMPLIANT
The PCI Data Security Standard (PCI DSS) provides an actionable framework for developing a robust payment card data security process, including prevention, detection and appropriate reaction to security incidents. The standards set the operational and technical requirements for organizations accepting or processing payment transactions, and for software developers and manufacturers of applications and devices used in those transactions.
The Communications Assistance for Law Enforcement Act (CALEA) was enacted by Congress in 1994 to require telecommunications carriers to provide law enforcement with certain technical capabilities when they conduct lawful electronic surveillance on telecommunications networks. The Federal Communications Commission issued an order in 2005 extending the coverage of CALEA to two-way interconnected VoIP and broadband Internet access.
The goal of CALEA is to preserve the ability of law enforcement to conduct lawful investigations despite evolutions in network technology. This goal is meant to be achieved while protecting telecommunications subscriber privacy and the ability of telecommunications carriers to launch new services and technologies.
The Sarbanes-Oxley (SOX) Act requires all financial reports to include an internal control report. This is designed to show that not only are the company’s financial data accurate, but the company has confidence in them because adequate controls are in place to safeguard financial data. Year-end financial reports must contain an assessment of the effectiveness of the internal controls.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides data privacy and security provisions for safeguarding medical information. It has two main purposes: to provide continuous health insurance coverage for workers who lose or change their jobs, and to reduce the administrative burdens and cost of health care by standardizing the electronic transmission of administrative and financial transactions. Other goals include combating abuse, fraud and waste in health insurance and healthcare delivery and improving access to long-term care services and health insurance.