Sacks Tierney: An InfoSafe Certified Business
Our InfoSafe certification reflects our commitment to protecting the confidential information of our clients and employees against unauthorized access or exposure that can result in identity theft and fraud, according to federal and state requirements and best practices within the legal profession.
In achieving InfoSafe certification, we have implemented an approved Information Security Plan, and we actively maintain the required safeguards within each category below:
- Administrative Standards – the non-technical policies and procedures that protect your confidential information and other business assets. This includes risk assessments, executive oversight, employee training, information access controls, ID theft red flags program, third-party data sharing, and more.
- Physical Safeguards – the physical and environmental security measures that protect confidential information. This primarily includes facility access and security, equipment location, and paper document use and storage.
- Technical Safeguards – the technical security policies and procedures to protect confidential electronic data, including computer and network security, encryption, network and website vulnerability testing, mobile device security, telecommuting, and more.
- Data Disposal – the secure and proper destruction of both paper documents and electronic data.
- Breach Response – the policies and procedures for managing and responding to data breach incidents, including incident reporting, management responsibilities, and a breach response plan.
Sacks Tierney executive director Gary Pace is a Certified Legal Manager (Association of Legal Administrators). In the context of our InfoSafe certification, Gary serves as Compliance Administrator, with the coordinated assistance of Sacks Tierney staff members Josh Harder (Technical Safeguards Contact) and Diane Morey (Breach Response Coordinator).