Compliance

Our Compliance Team is focused on maintaining strict adherence with industry, governmental, corporate and third-party control requirements, addressing the critical needs of our data center customers.

Compliance

Aligned Energy’s state-of-the-art data centers, technologies and operations meet strict compliance and security standards to safeguard customer infrastructure, protect the confidentiality and integrity of customer data, and ensure maximum availability to maintain business continuity.

Data Center Certifications and Compliance

SOC 2 Type 2 & SOC 1 Type 2

System and Organization Control for Service Organizations (SOC) certifies that Aligned Energy maintains the highest level of internal controls and safeguards relevant to security, availability and integrity of the systems used to process customer data, as well as the confidentiality and privacy of the information processed by these systems.

SOC 1 Type 2 reports on Aligned’s controls related to customers’ financial reporting. SOC 2 Type 2 builds on this financial reporting basis and also requires standard operating procedures for organizational oversight, vendor management, risk management, and regulatory oversight.

NIST 800-53

NIST 800-53, published by the National Institute of Standards and Technology, promotes standards used by federal agencies to implement the Federal Information Security Management Act (FISMA) and documents security controls for all federal information systems (except those designed for national security).

Aligned Energy’s data center infrastructure, technology and supporting applications meet NIST guidelines and standards, ensuring our federal government customers maintain the security and compliance required to comply with FISMA standards and mandates.

Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act (HIPAA) protects sensitive patient data. Any data center that stores, transmits or processes electronic Protected Health Information (ePHI) must comply with standards and citations to meet HIPAA compliance.

Aligned Energy’s physical data centers, network and process security measures comply with HIPAA requirements.  We safeguard Protected Health Information (PHI), ensuring the security, privacy, availability and accessibility of data for our healthcare as well as other customers.

Aligned Energy also signs Business Associate Agreements (BAAs) with our customers and their clients.

ISO 27001:2013

ISO 27001:2013 provides an internationally recognized best practice methodology for the implementation, management, maintenance, and continuous improvement of information security within an organization.

The certification demonstrates Aligned Energy’s ability to manage sensitive company information including people, processes and IT systems.  Aligned’s Information Security Management System (ISMS) conforms with documented ISO 27001 standards, ensuring system security.

M&O Stamp of Approval

Aligned Energy’s M&O Stamp of Approval demonstrates organizational excellence across operations, risk management and efficiency.

Developed by the Uptime Institute, the M&O Stamp of Approval certifies that Aligned Energy’s data centers are operated reliably and efficiently to support 24x7 uptime performance and minimize the risk of errors and failures that could derail digital business platforms.

The M&O Stamp of Approval validates Aligned Energy’s critical facilities management and operations practices, encompassing staffing and organization practices, maintenance and operations activities, management, and upstream planning and decision-making.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that store, transmit or process any credit cardholder data.

Aligned Energy data centers meet PCI DSS compliance standards, protecting sensitive cardholder data through physical, network and infrastructure security.

Aligned Energy limits access to racks, suites, cages, and power and network infrastructure to authorized personnel only. Additional security measures across facilities encompass card reader access; 24x7x365 on-site security; mantraps; dual authentication (biometrics and badge readers); event-driven IP video surveillance; and visual light-based alerts.

Aligned’s fully redundant power and networks also ensure customers’ critical data and applications are always accessible.

Copies of certifications are available to customers, qualified prospective customers and partners upon request.  For more information or copy requests, please contact sales@alignedenergy.com.