FISMA/NIST, HIPAA, PCI and ISO 22301 certifications address customer needs across federal, healthcare, financial and enterprise markets
REDWOOD CITY, Calif., April 6, 2017 /PRNewswire/ -- Equinix, Inc. (NASDAQ:EQIX, news, filings), the global interconnection and data center company, today announced significant progress on its certification program with three new standards achievements - FISMA/NIST (federal), HIPAA (healthcare) and ISO 22301 (enterprise). The new certifications demonstrate Equinix's commitment to provide the highest levels of regulatory compliance required by customers as it focuses on specific challenges and priorities for key verticals andthe enterprise market. In addition to the three new certifications, Equinix also expanded SOC 2 Type 2 and PCI DSS coverage globally for its International Business Exchange (IBX®) data centers.
Global Certification Details
Americas (North America)
- All IBX data centers have achieved FISMA/NIST Revision (4) High Categorization compliance, mandated by U.S. federal government agencies.
- All IBX data centers are now PCI DSS v3.2 compliant, critical for the financial industry.
- All IBX data centers are now HIPAA compliant, necessary for the healthcare industry.
Americas (South America)
- All IBX data centers are now ISO 22301:2012 compliant. ISO 22301 is an international standard for business continuity management and specifies requirements to prepare for, respond to and recover from disruptive events, such as natural disasters.
- All IBX data centers are now SOC 2 Type 2 compliant – a standard designed for technology companies, specifically data centers, IT managed services, SaaS vendors, and other technology and cloud-computing based businesses. SOC (2) criteria is based on the Trust Services Principles (TSP) of security, availability, processing integrity, confidentiality and privacy.
- Out of the 65 IBX data centers in EMEA, 28 IBX data centers achieved SOC 2 Type 2 certification in 2016. The remaining 37 IBX data centers are targeted for certification in 2017.
- 11 IBX data centers achieved PCI DSS v3.2 compliance, with six of these now certified and rest expected to close by 2017 end.
Sam Kapoor, chief global operations officer, Equinix:
"Regulatory compliance is the utmost priority for Equinix to provide the assurance of security and business continuity to our customers. The commitment to industry standards is core to our interconnection strategy and gives more reasons for customers to say "yes" to Platform Equinix. As the Equinix portfolio further evolves to enable an Interconnection Oriented Architecture (IOA), our compliance strategy also aligns with the shift from physical security to data security."
Equinix, Inc. connects the world's leading businesses to their customers, employees and partners inside the most interconnected data centres. In 41 markets across five continents, Equinix is where companies come together to realise new opportunities and accelerate their business, IT and cloud strategies.
About the New Certifications
NIST 800-53 is published by the National Institute of Standards and Technology, which creates and promotes the standards used by federal agencies to implement the Federal Information Security Management Act (FISMA) and manage other programs designed to protect information and promote information security. Agencies are expected to meet NIST guidelines and standards within one year of publication. National security is not included in these standards.
The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed. This includes: covered entities (CE); all treatment providers; healthcare payment and operations; business associates; personnel with access to patient information to provide support in treatment, payment or operations. Subcontractors and business associates must also follow HIPAA compliance.
An internationally recognized best practice framework that specifies the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS). ISMS is a systematic approach to managing sensitive company information including people, processes and IT systems.
Forward Looking Statements
This press release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially from expectations discussed in such forward-looking statements. Factors that might cause such differences include, but are not limited to, the challenges of acquiring, operating and constructing IBX centres and developing, deploying and delivering Equinix services; unanticipated costs or difficulties relating to the integration of companies we have acquired or will acquire into Equinix; failure to receive significant revenue from customers in recently built out or acquired data centres; failure to complete any financing arrangements contemplated from time to time; competition from existing and new competitors; the ability to generate sufficient cash flow or otherwise obtain funds to repay new or outstanding indebtedness; the loss or decline in business from our key customers; and other risks described from time to time in Equinix's filings with the Securities and Exchange Commission. In particular, see Equinix's recent quarterly and annual reports filed with the Securities and Exchange Commission, copies of which are available upon request from Equinix. Equinix does not assume any obligation to update the forward-looking information contained in this press release.