Press Release

Acquia Announces Successful Completion of HIPAA Audit

BOSTON – September 15, 2015 – Acquia, the digital experience company, today announced that it has successfully completed a Health Insurance Portability and Accountability Act (HIPAA) attestation examination through an independent audit. The successful completion of this HIPAA audit is part of the company’s ongoing commitment to maintaining and affirming adherence to stringent security standards and protocols.

The healthcare laws of the past decade have required hospitals and healthcare providers to improve the digital safeguards put in place for data security and electronically protected health information (ePHI). And for good reason, too. Data breaches have plagued some of the largest healthcare organizations, and the rapid growth of mobile devices in patient care only increases the stakes for protecting patient data. In response, healthcare providers are turning to vendors who help mitigate their risks and allow them to focus on improving patient outcomes. Acquia’s successful HIPAA examination verifies the company’s security practices for healthcare customers. Among Acquia’s healthcare customers are Children’s Hospital of Los Angeles, Northwestern Memorial Hospital, Heartland Dental, Texas Children’s Hospital, El Camino Hospital, Steward Health Care System and Great Ormond Street Hospital.

An independent audit firm evaluated the information security program maintained by Acquia for Acquia Cloud Enterprise and Acquia Cloud Site Factory. The audit determined that as of June 30, 2015, Acquia had security controls in place to meet the Health Information Technology and Clinical Health Act (HITECH) requirements and the essential elements of the HIPAA final security rule, including but not limited to administrative, physical, and technical safeguards and breach notification requirements. By meeting HIPAA/HITECH requirements, Acquia affirms for its healthcare industry customers that its leading open cloud platform meets the increasingly complex requirements for digital experience delivery, and the company implements strict controls to help its customers protect patient data and information.

“At Acquia, we’re committed to mitigating risk for our customers and our internal teams by building security into each and every layer of our infrastructure,” said Alan Nugent, CISO and SVP of security, risk and compliance at Acquia. “Through our successful completion of this HIPAA audit, as well as SOC 1, SOC 2, PCI-DSS, and beyond, we are reaffirming our promise to our customers that we have implemented security controls to mitigate risks to their data.”

Acquia provides security across every layer of its architecture. Key security features include granular access control, two-factor authentication, vulnerability scanning, intrusion detection, and event monitoring. These components extend to Acquia Cloud Enterprise, an open cloud platform for building, delivering, and optimizing digital experiences with greater resiliency, and to Acquia Cloud Site Factory, which allows organizations to deploy and manage dozens or hundreds of sites at breakthrough speed.

The audit was conducted by Schellman & Company, LLC, an affiliate of BrightLine CPAs and Associates, Inc. of Tampa, Fla.

About Acquia
Acquia is the digital experience company. Intuit, Warner Music Group and Stanford University are among the more than 4,000 organizations that are transforming their digital businesses with Acquia’s open cloud platform. Global 2000 enterprises, government agencies and NGOs rely on Acquia to create new revenue streams, lower costs, and engage audiences more deeply through content, community, commerce and context.

For more information visit or call +1 781 238 8600.

# # #

All logos, company and product names are trademarks or registered trademarks of their respective owners.