Cimplifi employs the highest standards across our enterprise and we stand up to the most rigorous vetting.
The security of your data and safeguarding of your information is of paramount importance, and we are committed to the highest standards across our enterprise. We employ strict internal protocols, controls and monitoring, and have been vetted by the most rigorous corporations and independent third-party auditors. Cimplifi is among the few eDiscovery companies to achieve ISO 27001 status, as well as compliance with NIST 800-171, PCI DSS, GDPR, HIPAA, and ITAR regulations. We maintain operations at only Tier IV or higher data centers with SOC audits, and mandate that cloud hosting partners maintain their own ISO and SOC status. In addition to using ITAR compliant data centers, we also offer a RelativityOne ITAR compliant instance. Our security protocols reflect best practices and are always evolving to address new threats, regulatory changes, technology updates, and client requirements, for complete confidence and peace of mind.
Certifications & Compliance
The regulations governing data, privacy, security, and overall best practices for law firms and corporate legal departments are constantly advancing and becoming stricter in terms of compliance and adherence. Cimplifi has a dedicated team monitoring laws and regulations nationally and internationally to ensure we meet the strictest standards.
Secure Data Centers
We have created a highly scalable, ultra-high capacity infrastructure to handle any volume of data. Our physical and cloud-based data centers are among the most secure in the industry and access management is maintained at the global level. Our primary Tier IV data center, located in Tierpoint at the Philadelphia Naval Yard, is SSAE-16 and SOC 2, Type 2 audited, PCI-DSS, GLBA and HIPAA compliant, and ITAR and US-EU Privacy Shield registered.
Internal Controls & Monitoring
Cimplifi understands that security policies and software, in and of themselves, are not the only aspect of security that requires implementation. The ability to monitor, manage, and ensure compliance with stated policies and procedures, and continuously observe behaviors makes for a cohesive and comprehensive security program.