Educause Security Discussion mailing list archives
NCSA blog series on SOC 2 certification
From: "Dopheide, Jeannette M" <jdopheid () ILLINOIS EDU>
Date: Tue, 29 Sep 2020 20:34:34 +0000
Hello EDUCAUSE Security list, I'm sharing a new blog series documenting NCSA's work pursuing a SOC Type 2 certification: NCSA’s Advanced Computational Health Enclave (ACHE) is a multi-tenant environment providing high-performance computing (HPC) for research involving electronic Protected Health Information (ePHI). NCSA follows HIPAA standards and has implemented a set of security controls to ensure the protection of ePHI. As a validation of our controls, NCSA is pursuing a SOC 2 Type 2 certification for its ACHE environment. A SOC 2 is an assessment of a service organization’s system and organizational controls. These internal controls, including policies, business processes, and technical controls, are assessed according to one or more of the AICPA’s Trust Service Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. Our goal with the series is to document our efforts, recommendations, and lessons learned during this process. To read more, see our blogs posted here: https://wiki.ncsa.illinois.edu/label/cybersec/soc_2 -- Jeannette M. Dopheide Sr. Education, Outreach and Training Coordinator National Center for Supercomputing Applications University of Illinois at Urbana-Champaign ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- NCSA blog series on SOC 2 certification Dopheide, Jeannette M (Sep 29)