Security

Service Organization Control Reports® pertain to controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.

Statement on Standards for Attestation Engagements was established in January 2010 by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) and was formally issued in April 2010 and became effective on June 15, 2011.

Service Organization Control Reports are internal control reports on the services provided by a service organization providing valuable information that users need to assess and address the risks associated with an outsourced service. SOC reports are designed to help service organizations, entities that process information or handle business transactions on behalf of its customers, build trust and confidence in their service delivery and controls over information and data through a report prepared by a CPA.

Email us to request more information or for an audit report.

The AICPA implemented a set of accounting standards and practices related to different types of businesses. Using these practices as a guideline, Greatland is committed to the following in order to remain compliant with SOC certification:

1. Security - The system is protected against unauthorized access (both physical and logical)
2. Confidentiality - Information designated as confidential is protected as committed or agreed

With Single Sign-On (SSO), available in Yearli Premier for $499 annually, user login credentials will authenticate with Okta and Microsoft Azure Active Directory identity and access management platforms. This allows enhanced security and a better user experience than Multi-Factor Authentication (MFA).

Advantages of SSO:

1. Reduces administration (IT) costs and time.
2. Leverages existing platforms: Utilize your current identity management resources to better manage and authenticate user credentials.
3. Increased user adoption: Easy to sign up and manage.
4. Improved user experience: No need to remember all usernames and passwords.
5. Enhanced security.

SSO with Yearli Premier makes sense for your organization if:

• You currently use Okta and Microsoft Azure Active Directory
• You’re looking for increased security
• You want a better login experience

Contact Us to add it to your package (additional add-on cost applies).

Data is securely mirrored to a secure offsite Disaster Recovery site so that data can be recovered and service restored at an offsite location in the event of a disaster.

• Data center is protected by a fire suppression system.
• Databases are clustered for high availability in the event of hardware or software failure.
• Web servers are load balanced for high availability.

While there is not a governing body that certifies that vendors are HIPAA compliant, Greatland has aligned with ISO 27002:2013. This set of standards maps to the HIPAA security rule. Additionally, Greatland enters into a Business Associate Addendum when using Greatland’s technology products.

A business associate includes a subcontractor that creates, receives, maintains, or transmits Protected Health Information (PHI) on behalf of a covered individual – under the HIPAA regulations, service providers like Greatland are considered business associates. HIPAA guidelines typically require that covered entities and business associates enter into contracts to ensure that the business associates will appropriately safeguard PHI.

The business associate contract also serves to clarify and limit, as appropriate, the permissible uses and disclosures of protected health information by the business associate, based on the relationship between the parties and the activities or services being performed by the business associate. Greatland refers to these contracts as Business Associate Agreement Addendums.