Defining what it means to be SSAE 16 Certified


It’s the gold standard that very few know about, and it could be the only thing that stands between your employee’s data and a potential security breach


SSAE 16 is short for the “Statement on Standards for Attestation Engagements No. 16” which was created by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). This regulation became the new standard for reporting on service organizations in June 2011, replacing SAS 70. Now, what does all of that actually mean?


Essentially it all boils down to protecting sensitive information that our company has access to in our system, like social security numbers, private health information, addresses, phone numbers, and more. We understand the importance of securing personal and dependent enrollment information. Our benefit administration and enrollment software is in-house owned and operated, and we undergo regular auditing every 30 days to ensure that our system is in accordance with all SSAE 16 reporting standards.

SSAE 16 is about more than just protecting personal information. These audits also look at our internal procedures as a company—how we interview, hire, and train new employees, our workflow, and our disaster recovery system. It means that our company is doing much more than just meeting the HIPAA requirements. Having this SSAE 16 designation shows that we are consistently going above and beyond the necessary steps. It is our goal to meet and exceed all security and compliance requirements to give our clients the utmost confidence that their employees’ information is kept private and secure.