TurnKey Internet - IT On Demand


TurnKey owns and operates its SSAE-18 SOC 1 & SOC 2 certified, HIPAA compliant datacenter located in New York's Tech Valley region. Owning our datacenter, we have been able to design, build and maintain every aspect of its construction to provide an ideal hosted server environment. Our Albany New York datacenter was a former U.S. Government building that was purchased by TurnKey in 2010. It is made to U.S. Federal Government standards, with 1-foot thick concrete along the perimeter, p lus additional re-inforced walls and security enhancements. We have installed advanced security systems, and infrared based surveillance monitoring cameras.

View TurnKey Internet's SSAE-18 SOC 1 & SOC 2 - HIPAA Audit Compliance Documentation

Employees all undergo background screening, and clients are not permitted within the facility except with photo ID and escorted by trained security personnel at all times.

It is upon our foundation of security that we are able to provide our customers with a variety of industry-specialized options such as:

PCI DSS Compliant Hosting
SOX Complaint Hosting
SSAE 16/18 Compliant Hosting
SAS 70 Compliant Hosting
HIPAA Compliant Hosting
HITECH Compliant Hosting

Whether you are a direct customer or an IT company working on behalf of your clients, TurnKey Internet can help guide our customers through the processes required to acheieve even the most stringent and tough certifications.

SSAE-18, SSAE-16 & SAS 70 Compliance

SSAE 18 SOC 2 Compliant

TurnKey Internet is in full compliance with SSAE-18 SOC 1 and SOC 2 standards set forth by a certified independent CPA. SSAE 18 is a set of guidelines for reporting on the level of controls at a service organization. All data stored within the server adheres to the SSAE-18 security guidelines.

View TurnKey Internet's SSAE-18 SOC 1 & SOC 2 - HIPAA Audit Compliance Documentation

Turnkey Internet and our Albany New York Datacenter operate in compliance with the SSAE-18 both SOC 1 and SOC 2 requirements and certified controls to secure the transfer of sensitive business data. Our datacenter technicians adhere to the strict guidelines to ensure servers are managed in accordance to SSAE standards.

The Statement on Standards for Attestation Engagements No. 18, or simply SSAE-18, is a set of guidelines for reporting on the level of controls at a service organization. The guidelines were created by the AICPA and went into effect April 2016; replacing SSAE-16 and SAS 70 as the auditing standard for service organizations.

The new standard of reporting on internal controls of a service organization was drafted in order to update organizations in the US service industry to reporting standards that complies with the International Standard on Assurance Engagements No. 3402 (ISAE 3402). There are two types of reports for SSAE-18 along with the addition of a new reporting framework, the Service Organization Control (SOC). TurnKey Internet is certified on both SOC 1 & 2 - the highest level standards for security, availability, and processing integrity of sensative data.

HIPAA Compliance

hipaa it requirements

TurnKey Internet adheres to the standards set forth by The Health Insurance Portability and Accountability Act (HIPAA). An audit system was established by HIPAA to ensure datacenter facilities are following a strict code of Federal Regulation set forth by independent inspectors.

This system was established to secure the transfer and storage of Protected Health Information (PHI) of patients. Our datacenter is in compliance with all 19 HIPAA standards, meaning all server hosted are secure enough to store PHI which is important for those working within the healthcare industry.

View TurnKey Internet's SSAE-18 SOC 1 & SOC 2 - HIPAA Audit Compliance Documentation

In order for a datacenter to be HIPAA compliant they must first pass a rigorous audit to ensure that the facility follows the Code of Federal Regulation (CFR) set by HIPAA inspectors. The inspectors take a detail look into the inner workings of a datacenter to ensure that any and all data stored inside are protected and only available to those authorized to view them.

They also check to see if a Business Associate Agreement (BAA) is made between the hosting provider and clients with data that are PHI. Any violation of a patient’s PHI are reported to the Office of Civil Rights (OCR). A Business Association Agreement binds employees of both parties to report any such violations.


HITECH Compliance

The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, was signed into law on February 17, 2009, to promote the adoption and meaningful use of health information technology. Subtitle D of the HITECH Act addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.

View TurnKey Internet's SSAE-18 SOC 1 & SOC 2 - HIPAA Audit Compliance Documentation

PCI DSS Compliance

datacenter certifications

TurnKey Internet Data Centers are PCI compliant and offer your business trusted and secure support for all credit card transactions processed on line. PCI DSS standards were created in 2004 to curb high-profile security breaches by the founding brands of the PCI Security Standards Council. Those brands included the following: American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International.

View TurnKey Internet's SSAE-18 SOC 1 & SOC 2 - HIPAA Audit Compliance Documentation

The Payment Card Industry Data Security Standard (PCI DSS) protects consumer security for all businesses that process transactions using credit cards. Our specialist’s work hard to ensure consumer identity is protected and that all controls are in place at all times.

Through the use of PCI hosting standards, server hosting procedures are implemented to ensure a secure environment for credit card processing.

The standards are updated by the Council, as needed, to stay up-to-date with new or modified requirements. To be considered PCI compliant, businesses must meet all of the required standards sufficiently.

Guaranteeing security and meeting requirements can be a tricky task for some businesses and the fine imposed for violations doesn’t make it any easier.


SOX Compliance

The Sarbanes-Oxley Act of 2002 was created to protect investors from accounting fraud, specifically that which is related to shares sold by publicly traded corporations. The Sarbanes-Oxley Act is a deliberate effort to mandate strict reforms regarding how corporations make financial declarations. This law mandates increased vigilance with regards to disclosures related to the financial state of the company, particularly when it comes to earnings and profitability.




TurnKey Internet provides, in writing, our 30-day no-questions-asked Money-Back Guarantee. Your satisfaction is our top priority, and we're confident that you will love our TurnKey Services.

Our 30-Day Money-Back Guarantee gives you plenty of time to test us out and see for yourself how Great TurnKey Internet's Service is for your business.