Legal and Compliance

2018-10-03T18:21:36+00:00


As a global cloud services provider, we've built a comprehensive privacy and security program to meet our clients' complex data security requirements.

Audit and Compliance

Mitratech maintains thorough privacy and security assessments and certifications performed by third parties:

  • We’re aligned with ISO 27001 security controls for corporate and cloud environments.
  • We’re aligned with ISO 27018 privacy controls for the cloud environment and client data.
  • Mitratech has an independently audited SSAE16 SOC 2 Type 2.
  • Access Mitratech’s SOC 3 report, which confirms Mitratech has maintained effective controls over the security and confidentiality of our SaaS System.

Regulatory Landscape

Recently, the regulatory framework most companies must work within has become very complex and difficult to implement. Mitratech provides a dedicated team that proactively deals with this rapidly changing regulatory landscape, and our clients reap the benefits of remaining compliant with evolving laws and guidelines. This includes:

United States

  • Multiple state Security Incident notification laws
  • Healthcare Insurance Portability and Accountability Act of 1996 (HIPAA)
  • Financial Modernization Act of 1999 or Gramm-Leach-Bliley Act (GLB)

European Union

  • EU General Data Protection Regulation (2016) replacing Data Protection Directive EC 95/46
  • Data Protection Directive 95/46/EC
  • EU Privacy Shield replacing U.S.-EU Safe Harbor

Canada

  • Personal Information Protection and Electronic Documents Act of 2000 (PIPEDA)

Data Centers

Mitratech utilizes colocated data center space that’s dedicated to us and our clients' needs. These are classified as Tier 4 data centers with 99.995% availability, with locations in the United States and United Kingdom.

Physical Security

  • 24-hour manned security, including foot patrols and perimeter inspections
  • Biometric scanning for access
  • Dedicated concrete-walled Data Center rooms
  • Video surveillance throughout facility and perimeter
  • Building engineered for local seismic, storm, and flood risks
  • Tracking of asset removal

Environmental Controls

  • Humidity and temperature control
  • Redundant (N+1) cooling system

Network

  • Multiple fiber entries from different points into the data center
  • Fully redundant Internet and internal networks
  • Utilizing all Tier 1 carriers located near Internet Exchange Points
  • High bandwidth capacity

Power

  • Multiple city power grids feed from different points into the data center
  • Redundant (N+1) Power Systems
  • Redundant (N+1) diesel generators with on-site fuel storage

Fire Suppression

  • VESDA (very early smoke detection apparatus)
  • Multi-zone, pre-action dry pipe water-based fire suppression

Have more questions?

Contact us and we’ll answer any questions about compliance and security.
