BLOG

What SSAE 18 Means For Security

  • Bill Floeter

Recently, the AICPA made a change to the original SSAE 16 standards for security to address and clarify complexity issues, updating them to the SSAE 18 standard which went into effect in May 2017. According to OnlineTech.com, “SSAE18 is the short name for Statement on Standards for Attestation Engagements No. 18. Attestation standards establish requirements and provide application guidance to auditors for performing and reporting on examination, review, and agreed-upon procedures engagements, including Service Organization Controls (SOC) attestations.”1 To put in simpler terms this process is used to determine your financial integrity and how secure your systems are from potential threats and hackers.

While the SSAE 18 is not a mandatory audit, XIFIN takes this process extremely serious. The healthcare industry has some of the most demanding data confidentiality and security requirements in the world, and our customers require absolute confidence in their information system vendor's ability and commitment to ensuring data integrity for cloud-based systems and services. Participating in the SSAE 18 audit provides a great opportunity for our team to prove that XIFIN security processes are above and beyond the status quo.

As many in the industry know, security is vastly important in the healthcare industry with medical information being upwards of ten times more valuable then credit information. Hackers and fraudulent activity is a daily concern to any company dealing with medical records so you must always be alert. While threats in this industry are never ending and rapidly advancing, our team at XIFIN has managed to be exception free in SSAE reviews for years now, all credited to great personnel and constant adaptation.

Want more information on XIFIN passing the SSAE 18? View this press release. Would you like to learn more about the security of XIFIN? Read this blog on the secure high availability environment of XIFIN RPM9.

The healthcare industry has some of the most demanding data confidentiality and security requirements in the world, and our customers require absolute confidence in their information system vendor's ability and commitment to ensuring data integrity for cloud-based systems and services

Bill Floeter
Vice President, Security & Compliance

Share This Post:

Be First to Hear Updates

Search Blog Posts

Blog Posts By Date