Ntirety Compliance-as-a-Service

What is PCI?
PCI is designed to help ensure customer credit/debit car data, account information, and transaction information is safe from hackers or any malicious system intrusion.

Who is required to be compliant?
Any organization that processes credit/debit card information, including merchants and third-party service providers that store, process, or transmit credit/debit card data.

How does Ntirety help?
Ntirety can help you address a sub-set of the 12 major requirements listed in the PCI DSS.

What is HIPAA?
HIPAA regulates the use and disclosure of an individual’s health information and gives patients greater control over the use of that information.

Who is required to be compliant?
Any covered entity, defined as health care providers, health plans, and health care clearinghouses, that collect and use individually identifiable health information.

How does Ntirety help?
Ntirety offers industry-leading, HIPAA-compliant, and HITRUST-certified solutions, including the following components:

• Firewall
• Intrusion detection and prevention
• Multi-factor authentication
• SSL and VPN
• Web application firewall
• File integrity monitoring
• Security event log management and monitoring

What is HITRUST CSF?
A HITRUST Common Security Framework certification demonstrates that Ntirety meets specific healthcare regulations and requirements for protecting and securing sensitive private healthcare information.

Who can earn this certification?
Only organization that meet certain requirements and receive a passing score after rigorous auditing can claim they are HITRUST CSF certified, which is why working with HITRUST-certified vendors instills confidence in your customers.

How does Ntirety help?
Ntirety’s HITRUST certification extends to our entire infrastructure, data centers, backup applications, multitenant solutions, dedicated servers, storage, and networking, which means you can rest assured knowing that your sensitive data is safely—and compliantly—guarded.

What is FERPA?
FERPA is a federal law within the United States that ensures students’ paper and electronic education records stay private.

Who is required to be compliant?
This law applies to all public schools and state or local education agencies that receive federal education funds. Organizations that host and/or develop Integrated Data System (IDS) software must also ensure they are complaint with FERPA.

How does Ntirety help?
We offer FERPA-compliant, fully managed solutions that safely host a wide variety of applications, alongside security experts that eliminate the complexity in establishing and maintain FERPA compliance:

• Content Management Solutions
• Digital education
• On-demand learning materials and webinars
• Academic research data
• Digital media for speaking events, sports event, and fine arts performances

Our solutions will help you meet FERPA guidelines by allowing you to:

Safeguard Your Records in the US: Educational records covered under FERPA include medical and health records, emergency contact information, grades, test scores, and much more. With multiple data centers spread across the country, our solutions allow you to host and backup this sensitive data in the United States, which makes FERPA compliance less complex.

Protect Your Data with Appropriate Safeguards: Ntirety implements the appropriate administrative, physical, and technical safeguards to store, maintain, and protect electronic student education records in accordance with FERPA regulations.

Partner with Experts: As one of the few managed hosting providers to hold a full suite of compliance certifications, Ntirety’s expert security team eliminates the complexity in establishing and maintaining FERPA compliance.

What is CCPA?
This privacy law grants any California consumer the right to:
• Know what personal data is being colle cted about them
• Know whether their personal data is sold or disclosed and to whom
• Say no to the sale of personal data
• Access their personal data
• Request a business delete any personal information about a consumer collected from that consumer
• Not be discriminated against for exercising their privacy rights

What are CCPA Requirements?
For businesses that must adhere to CCPA law, compliance breaks down into 5 main requirements:
1. Data inventory and mapping of in-scope personal data and instances of “selling” data
2. New individual rights to data access and erasure
3. New individual right to opt-out of data selling
4. Updating service-level agreements with third-party data processors
5. Remediation of information security gaps and system vulnerabilities

Does Your Business Have to Comply with CCPA?
Any for-profit organization doing business in California that collects consumers’ personal data and meets the following
qualifiers must comply with CCPA:
• Has annual gross revenues in excess of $25 million
• Annually buys, receives for the business’ commercial purposes, sells or shares for commercial purposes, alone or
in combination, the personal information of 50,000 or more consumers, households, or devices
• Derives 50% or more of its annual revenues from selling consumers’ personal information

What is GDPR?
The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area.

Who is required to be compliant?
This law applies to any organization that provides services to the EU, has an ‘establishment’ in the EU regardless of where you process personal data, or has employees or clients from the EU.

How does Ntirety help?
We offer GDPR-compliant, fully managed solutions that safely host a wide variety of applications, alongside security experts that eliminate the complexity in establishing and maintaining GDPR compliance:

• Risk Assessment
• Gap Analysis
• Awareness Training
• Table top exercises – Guided Discussion in BCP & DR
• Asset Inventory
• Breach Response
• Incident Response or Testing
• Mapping Frameworks (ISO 27001 to GDPR)