Contegix has successfully completed SOC 2, SSAE 16 Type I and Type II Audits, and is EU-US Privacy Shield Certified. Need HIPAA, FedRAMP, FISMA or PCI compliant hosting solutions? We can offer that as well and are Business Associates Agreement (BAA) friendly. Our focus is on automating the hosting and development process with your team to provide speed, agility and scalability while ensuring compliance and security, specific to your industry (HIPAA, FedRAMP, FISMA, PCI, Hi-Trust, SOC). Review our industry certifications below and if you need more detailed information or documentation, contact us, and we’d be happy to help you.



HIPAA-logoTypically for businesses operating in the healthcare industry, we have the experience, tools and technology to assist you in keeping your business HIPAA compliant with your managed hosting solution. We are Business Associates Agreement (BAA) friendly and deliver HIPAA-compliant solutions to numerous health care organizations. Contact us about HIPAA Compliance.



The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Having FedRAMP authorization means improved trustworthiness, reliability, consistency, and quality for cloud computing services. As a FedRAMP-authorized service provider, Contegix offers federal agencies secure cloud storage and solutions. Contact us about FedRAMP compliance.



The Federal Information Security Management Act (FISMA) obligates every federal agency to ensure the agency’s information and systems are protected. FISMA-compliant web hosting is critical for government agencies to secure economic and national security. Contegix has the knowledge and resources to get you secure, compliant, and beyond. Contact us about FISMA compliance.



The Payment Card Industry Data Security Standard (PCI DDS) was built for sites or online application stores that process or transmit credit card information. PCI compliance combines the powerful security standards of the five major credit card companies and adheres to the twelve PCI DDS security requirement categories for protecting account data and preventing financial fraud.

Contegix will work with our clients to ensure the environments that we design for their needs meet their PCI compliant standards. Our secure data centers allow us to build out infrastructures that meet and exceed our customers’ PCI compliant requirements. Let us help you build out a PCI compliant infrastructure today! Contact us about PCI Compliance.



SOC 2 Type II is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality or privacy. SOC 2 certification verifies Contegix as an organization that delivers secure, reliable, and effective operating environments featuring the appropriate controls for conducting IT operations.

Conducted by the independent auditor, Brown Smith Wallace, the SOC 2 audit confirms that Contegix has all of the best internal practices in place to verify security, availability and privacy of your data hosting environment. SOC 2 reports on controls that are independent of an SSAE 16 (SOC 1) audit, and refers to controls specifically related to IT/data center service providers. Contact us about SOC 2 Certified Hosting.



SSAE16-LogoSSAE 16 is an in-depth auditing standard of the controls over information technology and security. There are two types of SSAE 16 audits that can be performed. TYPE I – This is the collection of the stated controls of an organization. Typically it includes a disaster recovery plan and physical security measures.

TYPE II – Contegix has a Type II audit. It’s the same as a Type I, with the addition of testing of the controls. Meaning the auditor has checked all of the supplied controls, ensuring stated and correct guidelines are followed.

No matter the size or type of your business, our experienced team and hosting technology can help you achieve SSAE 16 compliance. We can even assist in implanting policies and objectives allowing you to spend more time focused on what’s important to your business. Contact us about SSAE 16 Compliance.



The EU-US Privacy Shield is focused on the safe, lawful transfer of personal data between the European Union and the United States. At Contegix, we treat each customer’s privacy and their data with the utmost respect. That’s why we follow the exact laws of each country for the transmission, collection, use and disclosure of any personal information, as stated in the EU-US Privacy Shield.  On September 8, 2016, Contegix achieved EU-US Privacy Shield certification from the Department of Commerce. Contact us about any questions on our EU-US Privacy Shield compliance.