Certifications

The benefit of certifications and compliances: our clients can be confident that the following compliances and certifications demonstrate that Corodata meets the highest standards for the handling and safeguarding of confidential information that has significant financial and legal implications.

By choosing Corodata, you ensure that your own company remains fully compliant with these industry benchmarks.

HIPAA
Corodata has been audited for HIPAA Compliance and deemed compliant: The Health Insurance Portability & Accountability Act (HIPAA) sets security standards for medical information. We follow specific protocols set by HIPAA to provide excellent protection for our clients’ information. Our employees go through additional rigorous HIPAA training annually to stay up to date on new laws and security protocols, so they can perform to the utmost of their abilities. This knowledge and training help our employees uphold our standards for compliance and safety of client information.

“We determined from our review that Corodata has good technical controls in place in accordance with industry-accepted standards, and appropriate physical and environmental controls and is in compliance with all HIPAA Security Rule standards,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “KirkpatrickPrice’s independent audit determined that all access controls to ePHI stored on Corodata systems are in compliance with HIPAA requirements.”

SOC 1 and SOC 2
Independent Audit Verifies Corodata’s Internal Controls and Processes. Corodata renews certification for the rigorous SSAE 18 Type II Audit every year. Federal regulations such as Sarbanes-Oxley, Gramm-Leach-Bliley and the Health Insurance Portability and Accountability Act (HIPAA) require corporations to audit the internal controls of their suppliers, including those that provide technology services.

In accordance with SSAE 18 (Statements on Standards for Attestation Engagements), developed by the American Institute of Certified Public Accountants (AICPA), our SSAE 18 certification encompasses both SOC 1 and SOC 2 comprehensive retrospective audits and follow-up reports. These dual certifications within our SSAE 18 framework demonstrate our commitment to comprehensive internal controls and the highest standards of information security, providing our clients with the utmost confidence in our operations.

  • SOC 1 assesses the controls relevant to an entity’s financial reporting, ensuring the integrity of our financial systems and the protection of our clients’ financial data.
  • SOC 2 focuses on security, availability, processing integrity, confidentiality, and privacy.

“Many of Corodata’s clients rely on them to protect consumer information,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “As a result, Corodata has implemented best practice controls demanded by their customers to address information security and compliance risks. Our third-party opinion validates these controls and the tests we perform provide assurance regarding the managed solutions provided by Corodata.”

“The SOC 2 audit is based on the Trust Services Criteria,” said Joseph Kirkpatrick, President of KirkpatrickPrice. “Corodata delivers trust-based services to their clients, and by communicating the results of this audit, their clients can be assured of their reliance on Corodata’s controls.”

KirkpatrickPrice performs our SSAE, HIPAA, and PRISM audits. KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing information security and compliance assurance in more than 48 states, Canada, Asia, and Europe. kirkpatrickprice.com, @KPAudit, LinkedIn.

NAID
Corodata has received NAID Certification: As the governing body for the information destruction industry, iSigma NAID conducts rigorous audits, including both scheduled and unannounced evaluations. Our NAID certification for plant-based and mobile document destruction, as well as hard drive and electronic media destruction, assures our clients of our competence and commitment to secure data disposal.

PRISM
Corodata has been awarded PRISM Privacy+ Certification®: This globally recognized certification verifies our compliance with data protection laws, ensuring that we meet regulatory due diligence obligations. We voluntarily maintain Privacy+ certification for our services related to physical storage, hard-copy records, and offline removable computer media.

Six Sigma
Six Sigma: Corodata integrates the principles of Six Sigma into our management philosophy, emphasizing our percent failure/success to pinpoint areas for improvement. Leveraging Pivotal Resources, we strive to maximize security and productivity, fostering a continuous improvement mindset to enhance our service to clients. This approach reflects the best practices embraced by Fortune 500 companies, highlighting continuous improvement and a culture of quality.

Green Business
Corodata is a Certified California Green Business per the Santa Clara County program: Beyond compliance, we prioritize sustainability as a Certified California Green Business. Our methods, procedures, and equipment not only save energy and lower costs but also minimize our environmental impact.