Tri-Win achieves SOC 2 and HIPAA data security compliance; Firm is dedicated to IT integrity and healthcare data security

Eric Seward March 24, 2016

DALLAS, March 14, 2016 (GLOBE NEWSWIRE) — Tri-Win Direct, a national leader in direct mail marketing and printing services, has achieved compliance with the rigorous data security requirements of the Service Organization Controls 2 (SOC 2) standard and the consumer healthcare privacy controls of the Health Insurance Privacy and Portability Act (HIPAA).

The demanding third-party examinations that led to compliance with the data security and consumer privacy standards were administered by the IT assurance and compliance professionals at 360 Advanced, a national Qualified Security Assessor and Certified Public Accountant firm based in Tampa, FL. The two reports were completed together in an integrated process known as compliance bundling that saves significant staff time and money for the client.

The SOC 2 report attests to the effectiveness of the data management controls a company has in place that relate to security, availability, processing integrity, confidentiality and privacy. The HIPAA audit reflects Tri-Win’s demonstration of adherence to federally-required standards for the privacy of protected health information, the security of electronic protected health information, and breach notification to consumers.

“This gives us the opportunity to go after the larger clients who have more policies and procedures in place and require more data security due diligence of their service providers. Completing the audits demonstrates our IT security, physical security and dedication to data privacy in everything we do,” said Scott Swanner, Director of Operations at Tri-Win. “With the HIPPA audit completed, the door is opened to work with more and larger healthcare organizations, so it definitely gives us a competitive advantage.”

Swanner said potential clients are beginning to specify completion of the data security audits as a condition of doing business, and he believes compliance audits will be more of a requirement going forward. “The good news is we were already informally adhering to a lot of the data security and privacy procedures, and now we have formalized and documented those processes so they will be an integral component of our company culture and we can prove it,” he said.


Tri-Win Direct launched in 1996 to be the premier source for direct mail marketing and printing services for clients nationwide. In 2015, the Tri-Win team of 83 employees produced almost 160 million pieces of marketing collateral for more than 150 clients. Tri-Win creates, produces, and delivers effective direct mail designed to get attention and accomplish results. From postcards and self-mailers to snap packs and statements, Tri-Win has the format, method, and rate that fit all businesses. The company name Tri-Win defines its culture: A three-way win for the client, the company itself and its employees. For more information, please visit


Known for its responsiveness, experience and professionalism, 360 Advanced has clients in more than 35 states that are major service providers in various industries, including cloud and SaaS based organizations. 360 Advanced is one of only a few specialized firms in the U.S. that assist service providers as their independent assessor in maintaining and communicating security and compliance to their clients.

360 Advanced’s services are provided, but not limited to, the following industries: Title Services, Hosted and Managed IT, Data Center and Colocation, Software as a Service (SaaS), Healthcare, Financial Services, Insurance, HR | Payroll | PEO, Legal and Collections, Bulk Mail Printing and Distribution, Background Screening, Business Process Outsourcing and Marketing.

Services provided by 360 Advanced include SOC 1 (SSAE 16), SOC 2, SOC 3, PCI DSS, HIPAA Security/HITECH, Microsoft Vendor Policy and other security and compliance services.