HaystackID Earns SOC 2 Type II Attestation in All Five Trust Service Areas: Cybersecurity Trends

It’s a three-post day!  Congrats to HaystackID™ for receiving Service Organization Control for Service Organizations SOC 2 Type II attestation in all five trust service areas: security, availability, processing integrity, confidentiality and privacy!  Impressive!  Announcement below and also available here.

WASHINGTON – September 22, 2021 – HaystackID, a specialized eDiscovery services firm supporting law firms and corporate legal departments, announced today it has successfully received Service Organization Control for Service Organizations (SOC 2) Type II attestation in all five trust service areas.

The examination involved an independent audit that demonstrated the company’s internal controls for security, availability, processing integrity, confidentiality and privacy related to its discovery management system. HaystackID is one of a few companies to attain such a broad achievement in all five areas, the most comprehensive attestation within the SOC protocol.

The independent audit was conducted by Wipfli LLP, a national accounting and consulting firm, using criteria developed by the American Institute of Certified Public Accountants. It ensures protection of customer data and establishes an organization’s reliability and credibility to meet its commitments and system requirements by testing for five trust principles, each measured by a set of controls and testing standards from the AICPA Trust Services Criteria:

  • Security – The system is protected against unauthorized access, use or modification.
  • Availability – The system is available for operation and use.
  • Processing Integrity – System processing is complete, valid, accurate, timely and authorized.
  • Confidentiality – Information designated as confidential is protected.
  • Privacy – Personal information is collected, used, retained, disclosed and disposed.

“By achieving the SOC 2 Type II attestation, HaystackID has demonstrated its ability to effectively and successfully design and implement comprehensive companywide operating and security protocols,” HaystackID Chief Operating Officer Andy Parrish said. “Many aspire to, but few attain attestation in all five trust service areas. This unique achievement provides our clients with assurance that the controls and safeguards we employ to protect and secure their data make us a partner they can trust.”

The report demonstrates how HaystackID’s discovery management system is designed, implemented and operated to provide assurance that its service commitments and system requirements were achieved based on the trust services criteria. A true mark of holistic security is being able to attest in all five areas.

HaystackID initially gained and maintained SOC 2 Type II status over seven years ago. In 2014, the company achieved SOC 2 Type II attestation for the trust service areas of security and availability through its 2019 acquisition of eTERA Consulting. Additionally, in 2018, the company added attestation in three areas, security, confidentiality and availability through its 2020 acquisition of NightOwl Global. HaystackID’s current SOC 2 Type II attestation in all five trust service areas represents the achievement of a consolidated and fully integrated discovery management system, including all acquired companies.

“The privacy and security of our customers as well as the reliability of our services are paramount to our success,” HaystackID CEO Hal Brooks said. “Law firms and corporate legal departments that want to ensure that their data is protected can have even more confidence that the safeguards HaystackID has in place are industry leading.”

About HaystackID™

HaystackID is a specialized eDiscovery services firm that helps corporations and law firms securely find, understand, and learn from data when facing complex, data-intensive investigations and litigation. HaystackID mobilizes industry-leading cyber discovery services, enterprise managed solutions, and legal discovery offerings to serve more than 500 of the world’s leading corporations and law firms in North America and Europe. Serving nearly half of the Fortune 100, HaystackID is an alternative cyber and legal services provider that combines expertise and technical excellence with a culture of white-glove customer service. In addition to consistently being ranked by Chambers USA, the company was recently named a worldwide leader in eDiscovery services by IDC MarketScape and a representative vendor in the 2021 Gartner Market Guide for E-Discovery Solutions. Further, HaystackID has achieved SOC 2 Type II attestation in the five trust service areas of security, availability, processing integrity, confidentiality, and privacy. For more information about its suite of services, including programs and solutions for unique legal enterprise needs, go to HaystackID.com.


HaystackID Media Contact:

Leora Goldfarb



Rob Robinson



HaystackID on Social Media

+ Twitter (@HaystackID)

+ LinkedIn

SOURCE: HaystackID

So, what do you think?  How important is SOC 2 Type II attestation to your organization in selecting providers? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclosure: HaystackID is an Educational Partner and sponsor of eDiscovery Today

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Leave a Reply