Skip to content
Data stored on an HDD platter

Digital Forensics—Don’t Risk Destroying Digital Evidence

By John Ahearne, Forensic Analyst When data is is needed for use as evidence, it…

Read more

May 1–2: U.S. Courts CSA IT Conference

San Diego, CA • May 1–2 DriveSavers will be one of only 25 top technology…

Read more

DriveSavers is the only data recovery service provider in the industry to post proof that it undergoes an annual, company-wide SOC 2 Type II audit to guarantee data security during the data recovery process. With more than 10,000 business partners worldwide serving the financial, healthcare, government and corporate business sectors, it’s absolutely essential for our customers to know that DriveSavers can protect the integrity of their data.

—Michael Hall, CISO, DriveSavers

About the Clifton Larson Allen

LLP SOC 2 Type II Audit

DriveSavers undergoes an annual SOC 2 Type II audit of its internal data hosting and processing controls to guarantee that our data recovery services uphold the stringent data security and privacy protocols mandated by the corporate clients and government agencies we serve. These annual audits are conducted by control-oriented professionals from CliftonLarsonAllen LLP, an independent firm with experience in accounting, auditing and information security. At the end of each annual audit period, a successive six-month “look back” audit begins, and an updated report is generated reflecting the dates for which records were reviewed. The “look back” period is reflected in the dates on the report posted here.

Benefits of Working with

an Audited Data Recovery

Service Provider

By posting proof that DriveSavers undergoes a company-wide audit on an annual basis, it differentiates itself from all other data recovery service providers in the industry today. This audit verifies our qualifications to handle enterprise-class recoveries, and support those customers who must maintain compliance with data privacy and data security regulations such as:

  • NIST (National Institute of Standards & Technology) SP 800.34 (Rev.1)
  • HIPAA (Health Insurance Portability and Accountability Act)
  • FERPA (Family Educational Rights and Privacy Act)
  • SOX (Sarbanes-Oxley Act of 2002)
  • GLBA (Gramm-Leach-Bliley Act of 1999)

An annual audit guarantees our customers and partners that only authorized data recovery engineers have access to their personal and confidential data. Once the recovery process is complete, data is stored on our secure network until the integrity of the recovered data is verified. Custom solutions are offered for recoveries on encrypted files and drives. Data is protected during transit to and from our facility. Should instant access of the recovered data be required, data is transmitted via a secure FTP site. Secure and permanent data destruction is available upon request.

An annual SOC 2 Type II audit is mandated by many of our data recovery customers:

  • Publicly-traded companies who must comply with the Sarbanes-Oxley Act of 2002 through a SOX audit for SOX compliance
  • Companies with legally-protected customer information, such as financial institutions
  • Businesses that must protect health information (HIPAA)
  • Universities with protected student information (FERPA)
  • Loan originators and credit rating agencies and their providers (FCRA, GLBA)
  • Providers of services involving eCommerce (WebTrust, PCI)

HIPAA Security Compliance

Tested and Trusted

In addition to our annual SOC 2 Type II audit, DriveSavers also undergoes HIPAA security compliance audits conducted by independent third parties. HIPAA security compliance validates our ability to handle protected health information on behalf of healthcare providers, health plans, healthcare clearinghouses and all other HIPAA covered entities in the healthcare industry.

View our HIPAA security compliance audit.

Back To Top
Search