Discovia continues to lead the ediscovery industry in security with ISO 27001, HIPAA, and HITECH recertifications.
San Francisco, CA (PRWEB) August 28, 2017
Discovia, a Lighthouse company and leading global provider of ediscovery services to corporations, law firms and government entities, has achieved ISO 27001 recertification for the next three years. This certification covers Discovia’s information security management system supporting electronic data discovery, forensic data collection and analysis, electronic data hosting, consulting, data processing and production services. The certification was performed by Schellman & Company, LLC, an ANAB and UKAS accredited Certification Body based in the United States. In addition, the company completed an assessment confirming that Discovia is compliant with applicable Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) security rules and breach reporting requirements.
“Data security is of the utmost importance to our customers,” said Christian Lawrence, founder and executive vice president at Discovia, a Lighthouse company. “These recertifications are a testament to our investment of time and money developing robust infrastructure and operational excellence in all things security. Our program features over 100 security controls, business continuity plans and experienced, well-trained employees committed to information security and data privacy best practices.”
ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system. The standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the organization’s overall business risks. It sets forth a risk-based approach that focuses on adequate and proportionate security controls that protect information assets and give confidence to interested parties.
HIPAA requires organizations engaged in handling electronic Protected Health Information (ePHI) to implement the necessary systems, procedures, and policies to secure such information. In addition the HITECH Act includes provisions that require organizations that store ePHI to implement procedures to report any breach of unprotected ePHI.
For more information about this announcement, please reach out to info(at)discovia(dot)com.
About Discovia, A Lighthouse company
Discovia, a Lighthouse company, provides electronic discovery services to corporations and law firms engaged in litigation, ITC investigations, and internal and regulatory investigations, including HSR Second Requests. Services include onsite and remote data collections, data minimization, data processing and hosting, expert application of leading technology-assisted review tools, document review management, and document productions. Discovia is one of the only eDiscovery services providers to achieve ISO 27001 certification and HIPAA/HITECH compliance for data security according to third-party auditors. Discovia is the first to publish its accuracy rate – 99.7 percent, and typically achieves data culling rates of 95 percent for repeat clients. Discovia is the first eDiscovery services firm to deliver a fixed-price managed services solution, enabling corporate legal departments and law firms to gain a world-class eDiscovery function with complete cost predictability. More information is available at (415) 392-2900 or http://www.discovia.com.
Schellman & Company, LLC is a leading national provider of attestation and compliance services - and the only company in the world that is a CPA firm, an ISO Certification Body, a globally licensed PCI Qualified Security Assessor Company, a HITRUST assessor, and a FedRAMP 3PAO. Renowned for expertise tempered by practical experience, our professionals provide superior client service balanced by steadfast independence. Schellman’s approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives using a single third party assessor.