Salt Lake City, Utah - Filevine, the leading legal work platform, is proud to announce the release of its 2024 Service Organization Control (SOC) 2 Type II and SOC 3 reports, underscoring its continued leadership in data security, privacy and compliance. This marks the fourth consecutive year of SOC 2 audits encompassing Filevine and its product suite, including Vinesign, Lead Docket, and Outlaw.
The rigorous SOC 2 Type II audit, conducted by Marcum LLP—a firm accredited by the American Institute of Certified Public Accountants (AICPA)—evaluated Filevine against the five Trust Services Criteria (TSC): Security, Availability, Processing Integrity, Confidentiality, and Privacy. The twelve-month audit required the submission of nearly 2,000 pieces of evidence, demonstrating Filevine’s robust security practices and dedication to data privacy.
Additionally, Filevine's SOC 3 reports summarize SOC 2 findings in a format suitable for public distribution, offering transparency to Filevine’s diverse clientele, including law firms, attorneys general, and some of the most respected legal organizations across North America and Canada.
“Filevine is strongly positioned to aid legal professionals with best-in-class compliance, privacy, and security programs to protect their data,” said Dean Sapp, Senior Vice President of Information Security at Filevine. “Achieving SOC 2 and SOC 3 compliance reflects our dedication to cybersecurity and our commitment to provide peace of mind to our customers and partners.”
Beyond SOC 2 and SOC 3: A Gold Standard in LegalTech Security
Filevine’s security controls extend well beyond SOC 2 type II compliance. Its platforms are independently verified for alignment with:
HIPAA and HITECH for healthcare-related legal cases.
Criminal Justice Information Services (CJIS) for criminal justice and law enforcement data.
ISO 27002, Annex A security controls.
Filevine is also pursuing the ISO certifications for ISO 27701, ISO 27001, ISO 27017, and ISO 27018— recognized gold standards for international data protection. Furthermore, the company is on track to achieve FedRAMP Moderate “Ready” status by the end of 2025. These achievements highlight Filevine’s ability to meet the diverse security and privacy needs of its clients, including those requiring the highest security protocols.
In addition to risk assessments and audits, the company also regularly employs industry-leading security measures, including privacy impact analysis, penetration testing, and vulnerability assessments to consistently improve its security posture and ensure sensitive legal data is safeguarded.
Why It Matters for Legal Professionals
For legal professionals handling highly sensitive data, robust security measures are non-negotiable. While cyberattacks and data breaches have been on the rise in the legal sector, especially among small and midsize firms, Filevine has maintained a proactive approach to provide powerful cybersecurity measures against these growing threats. Filevine’s multi-cloud, multi-product security assessments ensure that data is protected across all platforms, regardless of client size. Its security-first approach has made Filevine the trusted partner of top attorneys general and government entities, setting a benchmark unmatched in the industry.
A Leader in LegalTech Innovation
As a leader in legal technology, Filevine continues to redefine the way legal professionals manage client work, integrate technology, and ensure data protection. With Vinesign’s secure eSignature capabilities, Outlaw’s advanced contract lifecycle management, Lead Docket’s innovative lead management, and more, Filevine’s matter management ecosystem enables efficient, transparent, and secure operations for organizations of all sizes.
For more information on Filevine’s security achievements and how they can benefit your organization, visitwww.filevine.com/security.