TurnKey Internet - IT On Demand

TurnKey owns and operates its SSAE 18 SOC 1 & SOC 2 certified, HIPAA compliant with HITRUST CSF certification datacenter located in New York's Tech Valley region. Owning our datacenter, we have been able to design, build and maintain every aspect of its construction to provide an ideal hosted server environment. Our Albany New York datacenter was a former U.S. Government building that was purchased by TurnKey in 2010. It is made to U.S. Federal Government standards, with 1-foot thick concrete along the perimeter, p lus additional re-inforced walls and security enhancements. We have installed advanced security systems, and infrared based surveillance monitoring cameras.

View TurnKey Internet's SSAE 18 SOC 1 & 2 - HITRUST HIPAA Audit Compliance Documentation

Employees all undergo background screening, and clients are not permitted within the facility except with photo ID and escorted by trained security personnel at all times.

It is upon our foundation of security that we are able to provide our customers with a variety of industry-specialized options such as:

PCI DSS Compliant Hosting
SOX Complaint Hosting
SSAE 16/18 Compliant Hosting
SAS 70 Compliant Hosting
HIPAA & HITECH Compliant Hosting
HITRUST Certified Hosting

Whether you are a direct customer or an IT company working on behalf of your clients, TurnKey Internet can help guide our customers through the processes required to acheieve even the most stringent and tough certifications.

SSAE-18, SSAE-16 & SAS 70 Compliance

SSAE 18 SOC 2 Compliant

TurnKey Internet is in full compliance with SSAE 18 SOC 1 and SOC 2 standards set forth by a certified independent CPA. SSAE 18 is a set of guidelines for reporting on the level of controls at a service organization. All data stored within the server adheres to the SSAE 18 security guidelines.

View TurnKey Internet's SSAE 18 SOC 1 & 2 - HITRUST HIPAA Audit Compliance Documentation

Turnkey Internet, and our Albany New York Datacenter operate in compliance with the SSAE 18 both SOC I and SOC II requirements and certified controls to secure the transfer of sensitive business data. Our datacenter technicians adhere to the strict guidelines to ensure servers are managed in accordance to SSAE standards.

The Statement on Standards for Attestation Engagements No. 18, or simply SSAE 18, is a set of guidelines for reporting on the level of controls at a service organization. The guidelines were created by the AICPA and went into effect April 2016; replacing SSAE-16 and SAS 70 as the auditing standard for service organizations.

The new standard of reporting on internal controls of a service organization was drafted in order to update organizations in the US service industry to reporting standards that complies with the International Standard on Assurance Engagements No. 3402 (ISAE 3402). There are two types of reports for SSAE 18 along with the addition of a new reporting framework, the Service Organization Control (SOC). TurnKey Internet is certified on both SOC I & II - the highest level standards for security, availability, and processing integrity of sensative data.

HITRUST CSF Certification


The Health Information Trust Alliance, or HITRUST, is a healthcare Common Security Framework (CSF) that includes both federal and state regulations. HITRUST certified organizations are audited by a third-party to validate specific areas, such as proper access control, security policies, asset managment, incident management, and business continuity.

HITRUST CSF was developed to provide organizations with a more effective framework to address security needs that go beyond HIPAA. It integrates many existing requirements from HIPAA and other data protection frameworks to create a universal protection standard void of any inconsistencies. HITRUST creates the 'certified' aspect which creates audited verification of compliance for HIPAA and HITECH requirements.

View TurnKey Internet's SSAE 18 SOC 1 & 2 - HITRUST HIPAA Audit Compliance Documentation

By choosing a HITRUST CSF certified Data Center and Cloud provider, your business saves time and money by not having to become certified yourself. Best of all, you will have the peace of mind knowing your data is protected by best-in-class technology, policies, and procedures.

HIPAA Compliance

hipaa it requirements

TurnKey Internet adheres to the standards set forth by The Health Insurance Portability and Accountability Act (HIPAA). An audit system was established by HIPAA to ensure datacenter facilities are following a strict code of Federal Regulation set forth by independent inspectors.

This system was established to secure the transfer and storage of Protected Health Information (PHI) of patients. Our datacenter is in compliance with all 19 HIPAA standards, meaning all server hosted are secure enough to store PHI which is important for those working within the healthcare industry.

View TurnKey Internet's SSAE 18 SOC 1 & 2 - HITRUST HIPAA Audit Compliance Documentation

In order for a datacenter to be HIPAA compliant they must first pass a rigorous audit to ensure that the facility follows the Code of Federal Regulation (CFR) set by HIPAA inspectors. The inspectors take a detail look into the inner workings of a datacenter to ensure that any and all data stored inside are protected and only available to those authorized to view them.

They also check to see if a Business Associate Agreement (BAA) is made between the hosting provider and clients with data that are PHI. Any violation of a patient’s PHI are reported to the Office of Civil Rights (OCR). A Business Association Agreement binds employees of both parties to report any such violations.

HITECH Compliance

The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, was signed into law on February 17, 2009, to promote the adoption and meaningful use of health information technology. Subtitle D of the HITECH Act addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.

View TurnKey Internet's SSAE 18 SOC 1 & 2 - HITRUST HIPAA Audit Compliance Documentation

PCI DSS Compliance

datacenter certifications

TurnKey Internet Data Centers are PCI compliant and offer your business trusted and secure support for all credit card transactions processed on line. PCI DSS standards were created in 2004 to curb high-profile security breaches by the founding brands of the PCI Security Standards Council. Those brands included the following: American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International.

View TurnKey Internet's SSAE 18 SOC 1 & 2 - HITRUST HIPAA Audit Compliance Documentation

The Payment Card Industry Data Security Standard (PCI DSS) protects consumer security for all businesses that process transactions using credit cards. Our specialist’s work hard to ensure consumer identity is protected and that all controls are in place at all times.

Through the use of PCI hosting standards, server hosting procedures are implemented to ensure a secure environment for credit card processing.

The standards are updated by the Council, as needed, to stay up-to-date with new or modified requirements. To be considered PCI compliant, businesses must meet all of the required standards sufficiently.

Guaranteeing security and meeting requirements can be a tricky task for some businesses and the fine imposed for violations doesn’t make it any easier.

SOX Compliance

The Sarbanes-Oxley Act of 2002 was created to protect investors from accounting fraud, specifically that which is related to shares sold by publicly traded corporations. The Sarbanes-Oxley Act is a deliberate effort to mandate strict reforms regarding how corporations make financial declarations. This law mandates increased vigilance with regards to disclosures related to the financial state of the company, particularly when it comes to earnings and profitability.

TurnKey Internet provides, in writing, our 30-day no-questions-asked Money-Back Guarantee. Your satisfaction is our top priority, and we're confident that you will love our TurnKey Services.

Our 30-Day Money-Back Guarantee gives you plenty of time to test us out and see for yourself how Great TurnKey Internet's Service is for your business.