Security & Compliance

Robust security at every turn.

Other litigation support companies claim they are SOC 2 Type 2 compliant. But do they have attestation from a reputable independent auditor?

U.S. Legal Support does. Your highly sensitive case and client data is protected by full-spectrum, robust security that meets best practices.

Data protection and cybersecurity mitigation for law firms

We take data privacy and security very seriously.

Your confidential and sensitive case and client data is protected by robust plans to prevent breaches and to respond promptly to any threats that may arise. We have a 24/7 Network & Security Operations Center and maintain redundant datacenters to promote the full and uninterrupted availability of your data. We work hard so you can rest easy.

HIPAA Compliant

An independent auditor has verified that
U.S. Legal Support is HIPAA compliant for the protection, privacy, security and integrity of all protected health information and personally identifiable information of your clients.

End-to-End Encryption

All transmitted files are subject to end-to-end encryption, protecting your data from being read or modified by anyone other than the sender or recipient(s).

SOC 2 Type 2

An independent auditor has verified the procedures, safeguards and technology that we employ to ensure the protection of your sensitive data.

NIST Cybersecurity Framework

U.S. Legal Support follows the NIST Cybersecurity Framework regarding policies, procedures and controls.

The U.S. Legal Support Difference

We offer security and data protection that no other end-to-end litigation support services company can provide.

While other providers claim they are SOC 2 Type 2 and HIPAA compliant, without attestation from a reputable independent auditor, they cannot guarantee that systems and operational processes actually ensure HIPAA compliance and follow SOC 2 Type 2 guidelines.

These other providers also typically rely on the SOC 2 Type 2 of the datacenters they run on, not their own internal controls. This is not the case with U.S. Legal Support. Our SOC 2 Type 2 compliance confirms our own internal processes and controls and has been verified by reputable, independent auditors.

In addition to SOC 2 Type 2 and HIPAA compliance, U.S. Legal Support provides:

Attestation from reputable independent auditors of all systems, processes and controls
Intrusion detection and prevention systems
Third-party penetration testing
Incident response plan that is vetted by independent cybersecurity incident response experts
Frequent backups and replication across multiple, geographically dispersed datacenters
Disaster recovery plan

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie is set by CloudFlare. The cookie is used to support Cloudflare Bot Management.
__hssrc	session	This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__hstc	1 year 24 days	This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
__lotl	5 months 27 days	This cookie is set by the provider Lucky Orange. This cookie is used to identify the traffic source URL of the visitor's orginal referrer, if there is any.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_UA-119238040-1	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gcl_au	3 months	This cookie is used by Google Analytics to understand user interaction with the website.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_lo_uid	2 years	This cookie is set by the provider Lucky Orange. This cookie shows the unique identifier for the visitor.
_lo_v	1 year	This cookie is set by the provider Lucky Orange. This cookie is used to show the total number of visitor's visits.
_lorid	10 minutes	This cookie is set by the provider Lucky Orange. This cookie is used to identify the ID of the visitors current recording.
CONSENT	16 years 5 months 1 day 11 hours 7 minutes	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.

Security & Compliance

Robust security at every turn.

We take data privacy and security very seriously.

HIPAA Compliant

End-to-End Encryption

SOC 2 Type 2

NIST Cybersecurity Framework

9 essential cybersecurity questions to ask potential vendor partners

The U.S. Legal Support Difference

U.S. Legal Support Security and Compliance Overview

Protecting your sensitive case and client data is our priority.

How Can We Help?