Industry Audits, Controls and Security

Reliable and Secure Service Delivery

C7 undergoes rigorous audits and control procedures to ensure reliability and security of service delivery. Take comfort in that C7 has strict security policies and technology to ensure your data infrastructure is safe and secure.

  • SSAE 16
  • PCI
  • Scheduled maintenance and testing of power, cooling and networking systems
  • Hourly facility walk through checks
  • Training for data center technicians
  • 2 factor, 5 layer authentication
  • Custom security measures as required
  • 24x7x365 on-site security
  • Video cameras around buildings and throughout facilities
  • Company approved access control list
  • Data center access log
  • Strict facility access protocols
  • Background checks on employees

C7 Data Centers, Inc. understands the importance of ensuring the utmost transparency in
internal controls and procedures. We want our customers to know they can trust C7 to 
provide data center facilities and services that meet the strictest control standards and
industry best practices. To that end, C7 undergoes rigorous auditing of financial, security, and operational controls.


C7 completes an SSAE 16 SOC1 Type II audit, annually. The Statement on Standards for Attestation Engagements (SSAE) includes service auditor reports on the fairness of management’s description of the service organization’s system controls, design, and operating effectiveness over a one year period. C7’s most recent SSAE 16 covers the period between October 1, 2013 and September 30, 2014.


Payment Card Industry Data Security Standard (PCI DSS) helps control and minimize points of risk due to fraud or compromise of sensitive information. C7 adheres to PCI DSS physical security standards to protect customer servers, which may contain credit card data and other sensitive information. C7 received an Attestation of Compliance (AOC) and the accompanying Report on Compliance (ROC) for PCI DSS on January 12, 2015.


The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides federal protections for personal health information (PHI), and specifies administrative, physical, and technical safeguards to assure the confidentiality, integrity, and availability of electronic protected health information (ePHI).

C7 adheres to physical security standards under HIPAA guidelines for the housing of customer servers containing sensitive data, which may contain hardcopy PHI or ePHI data. C7’s most recent HIPAA report on compliance is dated February 4, 2015.

We are pleased to partner with such a high-caliber and well managed data center provider to offer our customers a state of the art data center facility that delivers high performance, availability, as well as excellent security and reliability.

Jeff Hunsaker, President UK2 Group U.S. Operations
HIPAA Simplification

View the HIPAA regulation text with requirements for C7 to be HIPAA compliant.


View the requirements and security assessment procedure for C7 to be PCI DSS compliant.