Cloud Security Compliance

To assure your personally identifiable information (PII) and financial data is securely managed, Melissa has been accredited with a number of certifications.

Melissa continually undergoes independent security audits to reinforce our commitment to data security, privacy, and compliance requirements. These certifications underscore Melissa’s commitment to security and quality.

SOC 2 Type 1 and Type 2

SOC2 examinations are based on standards set forth by the American Institute of CPAs (AICPA). The process is widely recognized for establishing ethical and auditing practices for private companies, nonprofit organizations, and federal, state and local governments, and represents that a service organization has been through an evaluation of their control activities as they relate to applicable Trust Services Principles and Criteria. Conducted in accordance with the group’s SOC reporting standards, Melissa’s audit was executed by SSAE 16 Professionals, LLP, one of the nation's leading CPA firms performing SOC2 examinations. Melissa has successfully obtained SOC 2 Type 1 and Type 2 certifications.

  • Type 1
    SOC 2 Type 1, a report on management’s description of the service organization’s system and the suitability of the design of the controls.

  • Type 2
    SOC 2 Type 2, a report on management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls.

Healthcare, providers, financial institutions, government agencies, and third-party data vendors dealing with PII are required to comply with all data security standards outlined in the Health Insurance Portability & Accountability Act (HIPAA) and meet the most stringent data security guidelines of HITECH. Melissa holds HIPAA and HITECH certification and is in the process of mapping all controls to the HITRUST standard.

Industry Compliance

Leveraging 30 years of experience and deep domain knowledge, Melissa address verification solutions combine reference databases for over 240 countries and territories, support for diverse character sets, and postal certification to deliver high quality, trusted data for more than 10,000 clients worldwide.

Project US@ - Unified Specification for Address in Health Care
Project US@ was established by the Office of the National Coordinator (ONC) for Health Information Technology to create standards for patient address information, an important data element that has a significant impact on patient matching and record linkage. It’s clear that a robust national patient matching strategy is fundamental to successful interoperability and the nation’s health information technology infrastructure. Melissa’s Address Object® and Personator® data quality tools are in compliance with the Project US@ Technical Specification for Patient Addresses Domestic and Military, Version 1.0. These products have the ability to validate address information at the point of entry in patient registration, and standardize address information according to United States Postal Service® (USPS®) guidelines. These tools also provide clients additional options to multisource the data from other address data sources, further covering approximately five million additional addresses where the USPS does not deliver. Tools like Melissa’s Address Object and Personator help improve data standardization which is paramount to the continuum of care, helping improve clinician trust in the information they are seeing, eliminate operational inefficiencies, optimize clinical outcomes and even reduce patient harm.

USPS® CASS™/DPV® Certification
CASS (Coding Accuracy Support System) is provided by the United States Postal Service® (USPS) to test vendor software and ensure the accuracy of address coding is within 99.9% of the quality threshold. When DPV is applied to CASS processing using USPS authoritative reference data, it certifies that an address can actually receive mail to the delivery point. Melissa’s address verification solutions utilize a CASS Certified™ engine to help businesses keep address data clean, standardized and compliant. Learn more about Melissa CASS Certification here.

USPS NCOALink® and Canada Post® NCOA Certification
USPS NCOALink processing matches a customer file against the USPS dataset of permanent moves over the last 48 months to move update mailing addresses and prevent undeliverable-as-addressed (UAA) mail. NCOALink processing is an approved method to meet the USPS Move Update requirement for discounted mail. Canada Post NCOA matches a customer file against the Canada Post dataset of permanent moves over the last 72 months. Melissa is a non-exclusive, full-service provider of both NCOALink and Canada NCOA. Learn more about Melissa NCOA Services here.

USPS PAVE™ Certification
PAVE software certification is provided by the USPS to determine the accuracy in presorting address files that are destined for bulk mail services through the Post Office™. Presorted mailing is quicker and easier for the Post Office to process, so they provide discounted pricing for mail that is accurately presorted. Melissa’s address verification solutions are PAVE certified.

International Postal Certification
Melissa’s international address verification solutions are able to parse, analyze, correct, and format addresses according to local postal standards to ensure your mail gets to the right address. Melissa holds Canada Post SERP®, Royal Mail, and EIRcode® certifications for address verification in Canada, the United Kingdom, and Ireland. Learn more about Melissa’s postal agency partners and the official postal data we offer here.