Security Commitment

Secure, Certified & Trusted
Hand showing showing hologram of key and different security features

Security Is Our Priority

We adhere to the industry's highest standards

At Case Status, safeguarding your data is more than a responsibility—it’s our unwavering commitment. We adhere to the industry's highest standards of security and privacy, ensuring that the personal information of our customers and their clients is protected at every level. Our dedication to maintaining a secure, compliant environment is embedded in everything we do, from our technical infrastructure to our internal policies and even the way we train and hire our team. Your trust is our top priority, and we work tirelessly to protect it.

Smiling woman in black turtleneck sitting at a desk in a bright modern office.
Angelina Multari
Angelina Multari
"Radical transformation of client engagement isn't just on the surface. This vision runs deep into the technology and systems that help each firm scale to have a better brand experience and optimal operational excellence. A fundamental pillar of our platform is performance and security. We continually make a concerted effort to prioritize information security, data privacy, and compliance initiatives across our platform. Protecting our customers and their data is a top priority.
Portrait of a man with curly brown hair and blue eyes wearing a light blue buttoned shirt against a white background.
Charles Lane
Chief Technology Officer - Case Status

Embracing a Culture of Security

At Case Status, security isn't just a policy—it’s a core value that drives everything we do. From day one, we embed security into every level of our organization. Potential employees undergo thorough background checks, ensuring only those committed to protecting your data join our team. Once onboarded, every employee receives comprehensive security training, equipping them with the tools and knowledge to implement our stringent security protocols. This training doesn’t stop there—we provide ongoing education to ensure our team stays ahead of evolving security threats. We believe that every employee plays a critical role in safeguarding your data, and we cultivate a strong, proactive security culture to keep your firm and clients safe.

Man holding out two hands, image of secure lock on one, image of man on the other
Person touching button on screen that says compliance

Data Protection is Paramount

At Case Status, we go above and beyond to protect our clients' data. Every employee is required to follow strict security protocols, including our robust password security and lockout policies. We mandate the use of two-factor authentication (2FA) and secure Wi-Fi connections to prevent unauthorized access and ensure that every interaction remains secure.

Empowering Secure Development Practices

Our IT developers follow industry-leading coding standards and best practices, implementing the principle of least privilege to minimize security risks. Two-factor authentication is employed across all possible areas, reinforcing our defense strategy. Additionally, we apply multiple layers of encryption to protect sensitive data, ensuring that our clients' information is always secure and confidential.

IT developer looking at large screen of coding

FAQ

SOC 2® Type I & II Compliance

At Case Status, we are committed to ensuring we deliver the highest standards of security for our customers. One of the ways we’ve demonstrated this commitment is by pursuing SOC 2 compliance.



After undergoing this rigorous third-party assessment of our security controls, we are proud of obtaining a SOC 2 Type I & II report relevant to security, confidentiality, availability, privacy, and processing integrity.



Passing the audit means we conform to the American Institute of Certified Public Accountants ("AICPA") SOC 2 standard, which measures security, confidentiality, availability, privacy, and processing integrity and serves as assurance that your data is being managed in a controlled and audited environment.



The SOC 2 audits were conducted by Modern Assurance, an independent, third-party accounting and auditing firm who evaluated our processes, procedures, and controls for security, confidentiality, availability, privacy, and processing integrity. SOC 2 Type Iwas completed in September 2023. SOC2 Type II was completed in July 2024.



This is not the end for our journey. We are committed to carrying out ongoing SOC 2 audits to ensure we continue to sustain the high standards that we have put in place and keep supporting our customers' needs. We’ll continue to partner with Secureframe to achieve this milestone and continuously track, monitor, and remediate any compliance needs.

Cloud Partner: Amazon Web Services (AWS)

At Case Status, we leverage the power of Amazon Web Services (AWS), the industry leader in cloud computing, to ensure top-tier security, redundancy, and business continuity. AWS provides on-demand access to vital IT resources like computing power, storage, and databases, without the need to buy, own, or maintain physical data centers. This pay-as-you-go model allows us to scale efficiently while maintaining the highest standards of reliability and security.

HIPAA Compliance

We are committed to certifying against industry-recognized, independent standards to provide assurance about our security controls. As many legal practices also work with clients who are patients, we have fully met the stringent security requirements of the Health Insurance Portability and Accountability Act (HIPAA). This demonstrates our dedication to protecting personal health information (PHI) and adhering to critical security standards.

GDPR Compliant

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, across the EU. It replaced the European Data Protection Directive 95/46/EC, enhancing the protection of personal data for EU individuals and giving them more control over how their information is used both within the EU and globally. GDPR aims to unify the regulatory landscape for businesses handling the personal data of EU residents.



Who Does GDPR Affect?

GDPR applies to any business processing personal data of EU residents. Businesses are classified as either data controllers—those who collect and manage personal data—or data processors, who handle personal data on behalf of a data controller. GDPR also broadens the definition of "personal data" to include information such as location data, online identifiers (like IP addresses), and other electronic metadata. Failure to comply with GDPR can result in substantial fines for businesses.



How Does Case Status Address GDPR?

At Case Status, we recognize GDPR as a crucial regulation that safeguards individuals' rights to control access to their personal data. We are fully committed to helping our customers meet their GDPR obligations. We have updated our platform and business operations to comply with GDPR guidelines, ensuring that we fulfill our responsibilities as both a data controller and data processor.Our Terms of Service and Privacy Policy explicitly outline our role as a data processor for law firms. We continue to support law firms in their role as data controllers by providing the tools and services necessary to meet GDPR requirements. Our Privacy Policy details how personal data is collected, stored, and secured, as well as how individuals can contact Case Status about their data. With industry-leading security measures and advanced features, Case Status ensures that your data remains protected at every step.For more general information on GDPR, please visit the Information Commissioner’s Office website.