HaystackID™ Earns SOC 2 Type II Attestation in All Five Trust Service Areas
Global News

Haystack logoHaystackID, a specialized eDiscovery services firm supporting law firms and corporate legal departments, announced today it has successfully received Service Organization Control for Service Organizations (SOC 2) Type II attestation in all five trust service areas.

The examination involved an independent audit that demonstrated the company’s internal controls for security, availability, processing integrity, confidentiality and privacy related to its discovery management system. HaystackID is one of a few companies to attain such a broad achievement in all five areas, the most comprehensive attestation within the SOC protocol.

LTC4 banner

The independent audit was conducted by Wipfli LLP, a national accounting and consulting firm, using criteria developed by the American Institute of Certified Public Accountants. It ensures protection of customer data and establishes an organization’s reliability and credibility to meet its commitments and system requirements by testing for five trust principles, each measured by a set of controls and testing standards from the AICPA Trust Services Criteria:

  • Security – The system is protected against unauthorized access, use or modification.
  • Availability – The system is available for operation and use.
  • Processing Integrity – System processing is complete, valid, accurate, timely and authorized.
  • Confidentiality – Information designated as confidential is protected.
  • Privacy – Personal information is collected, used, retained, disclosed and disposed.


“By achieving the SOC 2 Type II attestation, HaystackID has demonstrated its ability to effectively and successfully design and implement comprehensive companywide operating and security protocols,” HaystackID Chief Operating Officer Andy Parrish said. “Many aspire to, but few attain attestation in all five trust service areas. This unique achievement provides our clients with assurance that the controls and safeguards we employ to protect and secure their data make us a partner they can trust.”

The report demonstrates how HaystackID’s discovery management system is designed, implemented and operated to provide assurance that its service commitments and system requirements were achieved based on the trust services criteria. A true mark of holistic security is being able to attest in all five areas.


HaystackID initially gained and maintained SOC 2 Type II status over seven years ago. In 2014, the company achieved SOC 2 Type II attestation for the trust service areas of security and availability through its 2019 acquisition of eTERA Consulting. Additionally, in 2018, the company added attestation in three areas, security, confidentiality and availability through its 2020 acquisition of NightOwl Global. HaystackID’s current SOC 2 Type II attestation in all five trust service areas represents the achievement of a consolidated and fully integrated discovery management system, including all acquired companies.

“The privacy and security of our customers as well as the reliability of our services are paramount to our success,” HaystackID CEO Hal Brooks said. “Law firms and corporate legal departments that want to ensure that their data is protected can have even more confidence that the safeguards HaystackID has in place are industry leading.”


Copyright © 2021 Legal IT Professionals. All Rights Reserved.

Our Newsletter
All the legaltech headlines in your mailbox once a week? Sign-up now! 

Media Partnerships

We offer organizers of legal IT seminars, events and conferences a unique marketing and promotion opportunity. Legal IT Professionals has been selected official media partner for many events.

development by