by Amanda Fennell
on April 22, 2020
Cyber Security & Data Privacy
Working in litigation, investigations, and compliance means individuals around the globe place their trust in our community to safeguard highly sensitive personal information.
The honor of that responsibility is at the forefront of our security posture here at Relativity. It’s part of why we pursue compliance certifications such as FedRAMP, and maintain ISO 27001 and SOC-2 Type II, providing peace of mind that data housed in RelativityOne is well protected against cyber threats.
In response to customer questions and requests coming in as we all endure the COVID-19 crisis, we’ve recently added HIPAA compliance to that list of credentials.
The Health Insurance Portability and Accountability Act (HIPAA) was enacted to standardize the flow of healthcare information and protect personally identifiable information—referred to in the law as “Protected Health Information” (PHI)—from theft and fraud.
HIPAA compliance requires security policies and procedures to protect sensitive data; organizational knowledge about HIPAA, including how it affects business operations and customers; relevant internal training and a culture of security and compliance; and related documentation. With the COVID-19 crisis having a significant impact on our community, we wanted to act quickly to make it the next achievement in our compliance program.
We don’t know what lasting effects the current pandemic will have, but we’ve heard from many of you that you anticipate an influx of health-related projects hitting the legal community. As someone who lives in New Orleans—a national hot spot for the pandemic—and with a spouse who works in healthcare, the emotional impact of this crisis is painfully clear to me. If working with the immense amount of sensitive data being generated by the crisis can be any less stressful, it's our priority at Relativity to make that possible.
With that in mind, HIPAA compliance furthers our goal of supporting our community through this challenging period in whatever ways we can.
Let’s be clear: It is always necessary to protect the security and privacy of individuals’ health and personal information. But in the midst of a pandemic and with a growing volume of legal matters related to COVID-19 impacting our community, this is a critical moment to give the case teams handling that information peace of mind and verified safety in doing so.
We’re pleased to achieve this credential in support of those teams during a difficult time for our industry and the global economy. As you field inquiries for health-related projects and face the prospect of handling more PHI than ever, HIPAA compliance offers further evidence that RelativityOne is a well-armored platform in which you can tackle this important work.
Finally, the hectic nature of today’s marketplace also necessitates speed when it comes to picking up high-stakes projects and getting them started with confidence. It’s our hope that HIPAA compliance and the rest of our library of security certifications can help remove policy-driven roadblocks that inhibit your agility in adopting RelativityOne. The pay-as-you-go and flex commit pricing options we unveiled earlier this year can also help you get started with greater confidence, ensuring you don’t make large up-front commitments under strained and unpredictable circumstances.
Please don’t hesitate to let us know if you have any questions about our compliance certifications or our overall security practices. At Calder7, Relativity’s dedicated security team, it’s our privilege to secure your data so you can focus more on your team’s and customers’ needs.
Amanda Fennell is chief security officer at Relativity. In her role, Amanda is responsible for championing and directing security strategy in risk management and compliance practices. She has a masters degree in forensic science, and has more than a decade of experience in forensics and cybersecurity.
How to Maximize Cybersecurity while Working Remotely [Updated]
6 Security Questions to Ask a SaaS e-Discovery Provider
Why Law Firms Should Be Vigilant About Cyber Crime