Security Commitment
Security Is Our Commitment
We adhere to the industry's highest standards
At Case Status, we hold the highest regard for security and privacy. Safeguarding the data we handle, including the personal information of our customers and their clients, has always been and will always be our top-most priority. We believe in an unwavering dedication to ensure a secure and compliant environment is reflected in every aspect of our operations, from our structural framework to our educational pursuits and even our recruitment process.
"Radical transformation of client engagement isn't just on the surface. This vision runs deep into the technology and systems that help each firm scale to have a better brand experience and optimal operational excellence. A fundamental pillar of our platform is performance and security. We continually make a concerted effort to prioritize information security, data privacy, and compliance initiatives across our platform. Protecting our customers and their data is a top priority."
- Charles Lane, Chief Technology Officer - Case Status
Choose a Trusted Parter
Embracing a Culture of Security
The essence of a strong security culture permeates every level of our organization. From the moment potential employees join our ranks, we emphasize the significance of security. Thorough background checks are conducted, ensuring that only individuals committed to upholding our security policies become part of our team. Upon onboarding, all employees receive comprehensive security training, enabling them to understand and implement our stringent security measures. Regular training sessions are conducted throughout their tenure, keeping their knowledge up to date with the latest security practices. We strive to foster a robust security culture among all our employees, recognizing that each team member plays a vital role in fortifying our defenses against potential security breaches.
Data Protection is Paramount
At Case Status, we leave no stone unturned when it comes to protecting our clients' data. All employees are mandated to adhere to our rigorous password security and lockout policy. Furthermore, they are required to utilize two-factor authentication (2FA) and maintain a secure Wi-Fi connection, safeguarding against unauthorized access.
Empowering Secure Development Practices
Our IT developers are well-versed in industry-leading coding and development practices. They are equipped with the knowledge of implementing the principle of least privilege when granting access rights, minimizing potential security risks. By incorporating two-factor authentication (2FA) procedures across all feasible areas, we fortify our defense mechanisms. Moreover, multiple layers of encryption are meticulously applied to ensure the utmost safety and confidentiality of our clients' valuable data.
The Results of Transformative Law Firms That Use Case Status
SOC 2® Type I & II Compliance
After undergoing this rigorous third-party assessment of our security controls, we are proud of obtaining a SOC 2 Type I & II report relevant to security, confidentiality, availability, privacy, and processing integrity.
Passing the audit means we conform to the American Institute of Certified Public Accountants ("AICPA") SOC 2 standard, which measures security, confidentiality, availability, privacy, and processing integrity and serves as assurance that your data is being managed in a controlled and audited environment.
The SOC 2 audits were conducted by Modern Assurance, an independent, third-party accounting and auditing firm who evaluated our processes, procedures, and controls for security, confidentiality, availability, privacy, and processing integrity. SOC 2 Type I was completed in September 2023. SOC 2 Type II was completed in July 2024.
This is not the end for our journey. We are committed to carrying out ongoing SOC 2 audits to ensure we continue to sustain the high standards that we have put in place and keep supporting our customers' needs. We’ll continue to partner with Secureframe to achieve this milestone and continuously track, monitor, and remediate any compliance needs.
Cloud Partner
Amazon Web Services (AWS)
Cloud computing is the on-demand delivery of IT resources over the Internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining physical data centers and servers, we access technology services, such as computing power, storage, and databases, on an as-needed basis from the industry-leading cloud provider Amazon Web Services (AWS). AWS allows us to keep our security, redundancy, and business continuity at the highest levels in the industry.
HIPAA Compliance
Partner with trusted integrations
We Are the #1 Client Portal for Your Case Management Software
GDPR Compliant
The General Data Protection Regulation (GDPR) is a unified data protection law that came into effect on May 25, 2018, in the EU, replacing the European Data Protection Directive 95/46/EC. The law strengthens the protection of personal data belonging to EU individuals and gives them more control over the use of their personal data within the EU and internationally. GDPR aims to unify the regulatory environment for businesses handling the personal data of EU individuals.
Who does GDPR affect?
GDPR applies to all businesses that process personal data for EU residents. Businesses can be defined as either a data controller or a data processor: a data controller collects and oversees the management of personal data, and data processor processes personal data on behalf of a data controller. GDPR also expands the definition of “personal data” to include categories of information such as location data, online identifiers (such as an IP address), and other electronic metadata that was not included in previous data protection laws within the EU. Businesses that do not protect the personal data of EU individuals in accordance with GDPR rules are susceptible to significant fines.
How does Case Status address GDPR?
We believe that GDPR is an important means to ensuring the rights of individuals to control access to their personal information, and we are committed to supporting our customers in meeting their GDPR requirements. We have updated our product and business operations to comply with GDPR guidelines, meeting our requirements as both a data controller and data processor. These updates are reflected in our Terms of Service and Privacy Policy. Privacy Policy Case Status’ Terms of Service explicitly acknowledge our role as a data processor for law firms. Case Status will continue to fulfill that role while providing tools and customer service to help law firms meet their responsibilities as data controllers. Case Status’ Privacy Policy also identifies how personal data is collected and kept secure, and how data subjects may contact Case Status regarding their information. Case Status’ industry-leading security measures protect data stored within and transmitted from the Case Status product. Case Status also provides advanced security features to ensure customers are properly equipped to protect any data stored within Case Status. For general information on GDPR, please visit the Information Commissioner’s Office website.