Dedicated to Your Data Security and Privacy

Global has raised the bar in data security and privacy in order to protect the confidentiality, integrity and availability of our clients’ critical information. Global has created multiple, redundant layers of security infrastructure and related processes – layered over a foundation that can only come from operating within the infrastructure of an eDiscovery industry leader. However, we know that security doesn’t end with hardware and software, but instead most focus on the “weakest link”: people. Hence, we maintain policies, standards and procedures for information security and data protection for all Global personnel and which includes training, testing and continually monitoring compliance.

Global’s security and compliance initiatives and certifications include:

ISO 27000

ISO 27000 (Formerly ISO 17799 and BS 7799, these two standards provide guidance on the establishment of risk awareness, policy and security expertise in the format of a security forum, master security policy and compliance management expertise.)

HIPAA

Health Insurance Portability and Accountability Act (HIPAA) (Medical information is secured from unauthorized access, tampering and general threat to privacy through the inclusion of HIPAA compliance processes established throughout the organization.)

PCI DSS

Payment Card Industry Data Security Standard (PCI DSS)  (Credit card information is secured from unauthorized access, tampering and general threat to exposure through the inclusion of PCI Data Security Standards compliance processes established throughout the organization.)

PII

Personally Identifiable Information (PII) (Following guidance from US states laws, pending federal legislation, and international privacy regulations, we have established privacy policy, controls and audit mechanisms to ensure compliance with all US and most international privacy laws and requirements.)

GLBA

Gramm-Leach Bliley Act (GLBA)  (The Gramm-Leach Bliley Act provides regulatory requirements regarding the protection of client financial information. Such policies derived through the ISO 27000 program provide compliance measures meeting all aspects of GLBA guidelines and requirements.)

Service Organization Controls 2

Service Organization Controls 2 – American Institute of CPAs (AICPA)’s Service Organization Controls 2 (SOC 2) security report demonstrating that GLD has met criteria for controls as a service organization for its data center security, redundancy, and disaster recovery.

Safe Harbor

Global Legal Discovery complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.  Global Legal Discovery has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.  To learn more about the Safe Harbor program, and to view our certification, please visit http://www.export.gov/safeharbor/