Refer and Earn! Refer friends, colleagues and business associates to Yearli and earn a $10 Amazon gift card for each referral that completes a filing. Refer Now

Security



Greatland highly values the security and confidentiality of our customers. To that end, Yearli online and Desktop W-2, 1099 and 1095 filing products have undergone a number of security assessments that have been tested and validated by third-party auditors.

Privacy & Security Policy

Greatland recognizes the great importance of protecting the privacy of all information provided by our customers. Keeping information secure, and using it only as our customers want us to, is a top priority.

Greatland takes all reasonable steps to safeguard any information our customers share with us. All sensitive data that is stored in databases is encrypted at the database level. All communication is encrypted when sent to the site.

We will permit only authorized parties trained in the proper handling of sensitive customer information, to access that data. Access is on a need to know basis. Parties who violate our Security Policy are subject to disciplinary action including termination.

Read Full Privacy & Security Policy

SOC 2 - What Is It

Service Organization Control Reports® pertain to controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.

Statement on Standards for Attestation Engagements was established in January 2010 by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) and was formally issued in April 2010 and became effective on June 15, 2011.

Service Organization Control Reports are internal control reports on the services provided by a service organization providing valuable information that users need to assess and address the risks associated with an outsourced service. SOC reports are designed to help service organizations, entities that process information or handle business transactions on behalf of its customers, build trust and confidence in their service delivery and controls over information and data through a report prepared by a CPA.

Email us to request more information or for an audit report.

SOC 2 - What It Means To You

The AICPA implemented a set of accounting standards and practices related to different types of businesses. Using these practices as a guideline, Greatland is committed to the following in order to remain compliant with SOC certification:

  1. Security - The system is protected against unauthorized access (both physical and logical)
  2. Confidentiality - Information designated as confidential is protected as committed or agreed

Physical Media

Confidential printed, electronic or magnetic media material is kept under lock and key or destroyed by a secure shredding service that is NAID (National Association for Information Destruction) Certified and access to all machines is restricted by password protection.

Electronic Data

Electronic data is stored on secure servers behind firewalls, protected by ISP with up-to-date anti-virus and is monitored with alerts to potential threats. Systems are housed in a secure data center, monitored 24/7 by security cameras, with monthly security scans.

Data Integrity & Availability

Data is securely mirrored to a secure offsite Disaster Recovery site so that data can be recovered and service restored at an offsite location in the event of a disaster.

  • Data center is protected by a fire suppression system.
  • Databases are clustered for high availability in the event of hardware or software failure.
  • Web servers are load balanced for high availability.

HIPAA & Greatland

While there is not a governing body that certifies that vendors are HIPAA compliant, Greatland has aligned with ISO 27002:2013. This set of standards maps to the HIPAA security rule. Additionally, Greatland enters into a Business Associate Addendum when using Greatland’s technology products.

A business associate includes a subcontractor that creates, receives, maintains, or transmits Protected Health Information (PHI) on behalf of a covered individual – under the HIPAA regulations, service providers like Greatland are considered business associates. HIPAA guidelines typically require that covered entities and business associates enter into contracts to ensure that the business associates will appropriately safeguard PHI.

The business associate contract also serves to clarify and limit, as appropriate, the permissible uses and disclosures of protected health information by the business associate, based on the relationship between the parties and the activities or services being performed by the business associate. Greatland refers to these contracts as Business Associate Agreement Addendums.

Ready to get started?

Simply choose your account type, register and begin filing forms for your business.