For many organizations that use Collaborate as their case management system, comprehensive data security isn’t an option - it’s a legal requirement. We care just as much about protecting our customers’ sensitive data as they do, and we’ve got the formal compliance certifications to prove it.

Real, Certified Compliance

Software vendors will sometimes claim they meet compliance requirements when they actually don’t. A common misleading phrase is “The servers we use are SOC 2 compliant” - but beware: that doesn’t mean the vendor or their software is compliant.

Actual compliance involves up-front and ongoing certification by a third-party firm.

SOC 2 Compliance

Service Organization Controls (SOC) 2 is a compliance report standard that provides assurances about how an organization manages customer data. Following a rigorous audit by Dansa D’Arata Soucia LLP, Network Ninja (at the company level) and Collaborate (at the product level) have been certified as SOC 2 Type 2 compliant, and subsequent annual reviews are scheduled to maintain this certification.

SOC 2 compliance badge

SOC 2 compliance boils down to what the American Institute of Certified Public Accountants (AICPA) refers to as five “trust service principles”:

  • Security - Collaborate and its underlying infrastructure are protected against unauthorized access with measures like intrusion detection and Multi-Factor Authentication (MFA).
  • Availability - 99.9% uptime is guaranteed with performance monitoring, disaster recovery, and security incident handling procedures.
  • Processing Integrity - With dedicated Quality Assurance (QA) staff and internal process monitoring, Collaborate empowers organizations to store data accurately and reliably.
  • Confidentiality - Encryption, Roles & Permissions, and Firewalls are a few of the ways we maintain confidentiality.
  • Privacy - With privacy controls and consent management tools, Personally Identifiable Information (PII) is protected in Collaborate - and accessible only when needed.

Contact us for SOC 2 Report

HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 established a national standard for how Protected Health Information (PHI) is handled. Based on a thorough assessment by a third-party consulting firm, Network Ninja and Collaborate have been deemed HIPAA Compliant.

HIPAA compliance badge

Here’s some of what the HIPAA experts at Gazelle Consulting evaluated when conducting their formal HIPAA compliance assessment for our company and software:

  • HIPAA security policies and procedures that guide every member of our team in making HIPAA compliant decisions
  • Regular risk assessments that validate our compliance program is effective and our software is secure
  • Vendor assessments that ensure that our own vendors’ compliance programs are competent
  • Physical, administrative, and technical safeguards to help prevent unauthorized users from accessing data
  • Annual HIPAA Training to keep our staff up-to-date on the latest safeguards and regulatory requirements
  • Strong information management program by creating documentation of our compliance activities
  • Qualified security team including security leads for each product and a security officer to help triage the response to vulnerabilities
  • Completed a comprehensive analysis of user access roles to ensure that users only have the minimum access necessary to perform their work

Contact us for HIPAA Compliance Info Sheet

Network Ninja is an AWS Public Sector Partner

According to Amazon, “The AWS Public Sector Partner (PSP) Program validates AWS Partners with cloud-based solutions and experience supporting government, space, education, and nonprofits around the world.”

Amazon AWS Public Sector Partner badge

We’re proud to be a Public Sector Partner - further solidifying our commitment to providing secure, accessible solutions to all manner of social services organizations.

What Our Compliance Means for You

Organizations that deal with sensitive information have a legal and ethical obligation to keep that data safe. We’ve invested heavily in security, training, and compliance to empower agencies to do just that.