Most mission critical IT Systems have commercial or federal compliance requirements. We help our clients maneuver through the challenges presented by government compliance regulations and FISMA compliance issues to create a customized program that meets all information security management needs. These solutions focus on data security and areas needed to achieve certificate of compliance.
Federal Risk Authorization Management Program
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services, allowing the U.S. Federal government to realize the benefits of cloud computing faster through a single authorization process.
Cloud Service Providers (CSPs) interested in serving federal organizations must meet rigorous government mandated security requirements. To ensure CSPs meet these standards, they must be audited by a Third Party Assessment Organization (3PAO) before they can receive a P-ATO. As an accredited 3PAO organization, Kratos SecureInfo is assisting VAZATA with the FedRAMP authorization process.
VAZATA is the 21st company to achieve this authorization. With a rigorous audit occurring every 30 days, VAZATA has the distinction of being one the most compliant technology providers, having attained the highest level of security and performance set by FedRAMP’s stringent compliance standards.
VAZATA’s Infrastructure as a Service (IaaS) solutions deliver the highest standards in compliance, security, and performance in the healthcare industry. VAZATA is uniquely positioned to provide a solution intended to protect electronic medical records (EMR), electronic protected healthcare information (ePHI) and other sensitive data by lowering your risk of intrusion and consistently having patient information accessible to authorized medical practitioners.
VAZATA has been declared “HIPAA Compliant” by the independent assessment firm Kratos/SecureInfo. HIPAA - the Health Information Portability and Accountability Act, is a guiding standard from the U.S. Department of Health and Human Services, intended to protect the confidentiality of Protected Health Information (PHI). The standards are rigorous, particularly related to physical security at Cloud Service Provider datacenters. The seal of HIPAA compliance assures customers that VAZATA is providing a purpose-built platform that can serve as the cornerstone of their success, security and data compliance.
NIST SP 800-30 describes the identification of the threat, the threat source and the threat action for use in the assessment process. The following threats were determined by KTTS to be most applicable to the VAZATA Colocation environment: