BYOeDD (Bring Your Own eDiscovery Disaster)
Originally published by Nuix. There are more active mobile devices in the world than human beings—and…
eDiscovery Rules Applied to Social Media: What This Means in Practical Terms for Businesses
Originally published by FindLaw. By Michelle Sherman Companies are on social media. They are interacting…
4 Survival Tips For Legaltech West Coast
Originally published by Legaltech News. Legaltech West Coast is right around the corner. Check out these…
How to Handle Anonymously Received but Privileged Documents
Originally published by Compelling Discovery. What do you do if you receive documents from an anonymous…
Discovering Deflategate: What Tom Brady, Gisele Bundchen, and the NFL Can Teach Us about eDiscovery
Originally published by The Relativity Blog By David Horrigan When most of us tell friends and…
Fitbits, Wearable Tech, and the Impending eDiscovery Deluge
Originally published by FindLaw. By Mark Wilson, Esq. The eDiscovery revolution begun in the late '90s…
3 Mistakes Lawyers Make Responding to ESI Requests
Originally published by FindLaw. By Mark Wilson, Esq. Electronic discovery is the name of the game…
Managing the CSI Effect in Jurors
Originally published by the American Bar Association. By Katie L. Dysart – May 28, 2012 The…
Hidden Gold in Governance
Originally published by California Lawyer. by Susan Kuchinskas | May 2015 The discipline known as information…
eDiscovery Cost Shifting – Why You Should be Considering it for All of Your Matters
Originally published by eDiscovery News. Cost shifting is the concept of shifting the expense associated with…
Spotlight on Electronic Discovery: Challenges Presented by the Internet of Things
Originally published by JD Supra Business Advisor. eDiscovery is poised to enter a new revolution…
Legal Issues with Cloud Forensics
Originally published on Forensic Magazine. Unfortunately, many companies have entered the cloud without first checking the…
DriveSavers is the only data recovery service provider in the industry to post proof that it undergoes an annual, company-wide SOC 2 Type II audit to guarantee data security during the data recovery process. With more than 10,000 business partners worldwide serving the financial, healthcare, government and corporate business sectors, it’s absolutely essential for our customers to know that DriveSavers can protect the integrity of their data.
—Michael Hall, CISO, DriveSavers
About the Clifton Larson Allen
LLP SOC 2 Type II Audit
DriveSavers undergoes an annual SOC 2 Type II audit of its internal data hosting and processing controls to guarantee that our data recovery services uphold the stringent data security and privacy protocols mandated by the corporate clients and government agencies we serve. These annual audits are conducted by control-oriented professionals from CliftonLarsonAllen LLP, an independent firm with experience in accounting, auditing and information security. At the end of each annual audit period, a successive six-month “look back” audit begins, and an updated report is generated reflecting the dates for which records were reviewed. The “look back” period is reflected in the dates on the report posted here.
Benefits of Working with
an Audited Data Recovery
Service Provider
By posting proof that DriveSavers undergoes a company-wide audit on an annual basis, it differentiates itself from all other data recovery service providers in the industry today. This audit verifies our qualifications to handle enterprise-class recoveries, and support those customers who must maintain compliance with data privacy and data security regulations such as:
- NIST (National Institute of Standards & Technology) SP 800.34 (Rev.1)
- HIPAA (Health Insurance Portability and Accountability Act)
- FERPA (Family Educational Rights and Privacy Act)
- SOX (Sarbanes-Oxley Act of 2002)
- GLBA (Gramm-Leach-Bliley Act of 1999)
An annual audit guarantees our customers and partners that only authorized data recovery engineers have access to their personal and confidential data. Once the recovery process is complete, data is stored on our secure network until the integrity of the recovered data is verified. Custom solutions are offered for recoveries on encrypted files and drives. Data is protected during transit to and from our facility. Should instant access of the recovered data be required, data is transmitted via a secure FTP site. Secure and permanent data destruction is available upon request.
An annual SOC 2 Type II audit is mandated by many of our data recovery customers:
- Publicly-traded companies who must comply with the Sarbanes-Oxley Act of 2002 through a SOX audit for SOX compliance
- Companies with legally-protected customer information, such as financial institutions
- Businesses that must protect health information (HIPAA)
- Universities with protected student information (FERPA)
- Loan originators and credit rating agencies and their providers (FCRA, GLBA)
- Providers of services involving eCommerce (WebTrust, PCI)
HIPAA Security Compliance
Tested and Trusted
In addition to our annual SOC 2 Type II audit, DriveSavers also undergoes HIPAA security compliance audits conducted by independent third parties. HIPAA security compliance validates our ability to handle protected health information on behalf of healthcare providers, health plans, healthcare clearinghouses and all other HIPAA covered entities in the healthcare industry.