Today, companies across numerous industries must comply with a growing set of regulations aimed at managing and protecting consumers’ personal and financial data. Not only does CDNetworks applaud measures to protect consumers, we continuously check, improve, and test our network, infrastructure, and services to ensure they meet the most stringent regulations.
Whether its HIPAA and PHI compliance in healthcare, PCI standards surrounding eCommerce, or personal and financial data that fall under the European Union Data Protection Directive ─ you can rest assured that CDNetworks has taken the steps necessary to deliver your content and applications in a compliant manner.
PCI Data Security Standard for eCommerce
PCI standards call for rigorous safety measures related to the handling of credit card data at the system, application and delivery infrastructure levels. Each year at CDNetworks, we renew our PCI-DSS compliance certification through a third party organization qualified to analyze, report and certify its findings. Our flagship service, Web Performance Suite (WPS), helps eCommerce businesses overcome the security obstacles presented by the public Internet.
WPS solutions speed packets through our PCI-certified global server network in their “as-is” state without decoding any consumer credit card data. To ensure optimal redundancy and geographic coverage, CDNetworks deploys this capability at each of our numerous Points-of-Presence.
HIPAA and PHI in Healthcare
We recognize that healthcare organizations leveraging cloud-based services to deliver applications with Protected Health Information (PHI) must safeguard electronic PHI under HIPAA’s Security Rule. As such, we continuously assess and enhance our network, services and infrastructure to ensure compliance. In particular, we protect the integrity of Electronic Medical Records (EMR) data during its flow over our network and acceleration by our applications. At no time do we open, change, or inspect data within EMRs or other healthcare applications.
CDNetworks maintains a robust security architecture and takes specific steps on a regular basis to ensure a consistent level of HIPAA compliance. These include physical, logical and technical safeguards for all our servers; personal and password protection of access to our internal systems; SSL (TSL) encryption of all secure content; audits of the software and processes used to deliver customer content and applications over our network.
European Union (EU) Data Protection Directive
CDNetworks complies fully with the European Union’s Data Protection Directive which provides guidelines for ensuring that any application provider, content provider, and/or website operator operating in the EU takes measures to guard the privacy and data of EU-based consumers.
The EU is on the verge of adding specifics and clarity to its pre-Internet Data Protection Directive. On 25 January 2012, the European Commission unveiled a draft European General Data Protection Regulation that will supersede the Data Protection Directive. Early indications are that the new regulation will maintain a strict stance on processing and disseminating personal data of EU citizens.
While specific regulation has yet to be passed, CDNetworks plans to put compliance processes and safeguards in place to continually support the needs of our substantial set of EU-based customers and other customers delivering content and applications into EU countries.
CDNetworks undergoes annual PCI compliance certification by an audited 3rd party. CDNetworks customers have never experienced a consumer credit card data breach caused by our infrastructure or services.
Protection of Electronic Medical Records (EMRs) via automated network pass-through that prohibits opening, editing, and inspection of EMRs.
Having a system of logical and password protection combined with SSL/TSL encryption, we deliver applications and content using our audited processes and software to ensure total compliance.
As the application and website delivery network of choice for a large number of eCommerce and other businesses in the EU zone, CDNetworks stays abreast of evolving EU regulations and standards. We even enhance our systems and architecture before changes are mandated by EU governing bodies so that our customers stay ahead of the EU compliance curve.
Send us a note and a CDNetworks expert will get back to you.
© 2017 CDNetworks. All rights reserved.
The highest performing global Content Delivery Network (CDN), offering unparalleled speed and reliability of web content and applications.