NetDocuments extends data protection offering to customers by completing ISO 27017 certification, adding additional SOC 2 privacy controls and receiving a GDPR compliance attestation.
Salt Lake City, UT – August 10, 2018 – NetDocuments, the leading cloud-based content services and security platform for law firms and corporate legal and compliance departments, announced today that it has completed third-party certifications and attestations for ISO 27017 and GDPR respectively, and has implemented additional controls for its annual Type 2 SOC 2 audit.
Last year, NetDocuments expanded the scope of its ISO 27001 certification, first achieved in 2015, to include the new standards identified in ISO 27018 for the protection of Personally Identifiable Information (PII). NetDocuments was the first legal content management service provider to expand its ISO 27001 certification to include the additional controls from ISO 27018. NetDocuments has now announced the certified implementation of ISO 27017 controls, further extending its ISO 27001 audit to include a code of best practices and security controls relating to data management.
One of the key differentiators between NetDocuments and other legal content services is the concept of NetDocuments’ customers inheriting audited and certified data protection through the use of NetDocuments’ single global platform. When NetDocuments completes an audit, attestation, or security certification for our service and its infrastructure, all our customers instantly benefit since everyone is accessing the same global instance of the service. This security and compliance-as-a-service benefit is only possible through native cloud technology where a global customer community uses a single certified, protected, and compliant service.
— David Hansen, Vice President of Compliance, NetDocuments
In addition to the ISO 27017 audit and certification performed by Schellman & Company, a leading security and compliance assessor, NetDocuments has extended its Type 2 SOC 2 audit to include additional privacy controls for data protection. In total, NetDocuments has completed or is in the process of completing 11 certifications and attestations.
Beyond the NetDocuments SOC 2 Type 2 audit and other compliance achievements such as FIPS 140-2 Level 3, SEC/FINRA, ISO 27001, and HIPAA compliance, the NetDocuments cloud-based application and platform have gone through an additional level of SOC 2 standards known as SOC 2 Plus for financial and bank certification, which includes dozens of additional controls and requirements put forth and regulated by leading financial institutions.
This summer, UK-based Cordery Compliance Limited completed an independent attestation of NetDocuments’ compliance with the General Data Protection Regulation (GDPR).