HaystackID Achieves SOC 2 Type 2 Certification Across All Trust Services Criteria for Third Consecutive Year

Global News

13
Sep
2023

Editor

HaystackID, a specialized eDiscovery services firm supporting law firms and corporate legal departments, announced today it has successfully received Service Organization Control for Service Organizations (SOC 2) Type 2 certification in all five trust services criteria for the third year in a row.

The assessment showcases the company's unwavering commitment to security, availability, processing integrity, confidentiality, and privacy. Including HaystackID's five acquisitions since 2018, the firm has consistently maintained these high standards for the past eight years without fail.

"Maintaining SOC 2 Type 2 certification across all five trust services criteria for three consecutive years highlights HaystackID's dedication to data security," said Evan Craghead, Chief Technology Officer at HaystackID. "This achievement demonstrates the strength of our controls and policies that protect the confidentiality, privacy, and integrity of our clients' data. Our customers' trust is non-negotiable, and we will continue undergoing rigorous third-party audits like SOC 2 to provide our customers with assurance that their information remains secure with HaystackID."

The independent audit was conducted by Wipfli LLP, a national accounting and consulting firm, using criteria developed by the American Institute of Certified Public Accountants. It ensures the protection of customer data and establishes an organization's reliability and credibility to meet its commitments and system requirements by testing for five trust services criteria, each measured by a set of controls and testing standards from the AICPA:

• Security – The system is protected against unauthorized access, use, or modification.
• Availability – The system is available for operation and use.
• Processing Integrity – System processing is complete, valid, accurate, timely, and authorized.
• Confidentiality – Information designated as confidential is protected.
• Privacy – Personal information is collected, used, retained, disclosed, and disposed.

"The SOC 2 Type 2 certification is a high bar that few companies can clear across all five trust services criteria," said Michael Cammack, Vice President of IT Security at HaystackID. "By meeting these stringent standards, we've shown our unwavering dedication to protecting our clients' data. Our customers can trust that we have the controls, policies, and procedures in place to keep their information secure."

The report is a testament to the design of HaystackID's discovery management system, self-reporting, and span of expertise and engagement. A true mark of holistic security is the ability to attest in all five trust services criteria, demonstrating the continued success of quality systems and processes in place.

"We have always worked to ensure our company's security – maintaining this achievement through a third-party auditor is further proof that we continue to do right by our clients," said HaystackID CEO Hal Brooks. "Law firms and corporate legal departments that want to ensure their data is protected can have the utmost confidence in HaystackID, as our unwavering commitment to security speaks volumes."