Security at AffiniPay

As a Level 1 service provider, AffiniPay upholds the pinnacle of payment security standards, demonstrated through our PCI DSS Attestation of Compliance. This esteemed certification showcases our commitment to the rigorous security protocols required to protect and handle payment card data. Our status not only reflects our capability to meet the most stringent level of compliance set forth by the PCI DSS but also reassures our clients and partners of the comprehensive security measures embedded within our payment processing solutions.

Our achievement as a Level 1 service provider signifies our dedication to maintaining a secure, reliable transaction environment, ensuring the integrity and confidentiality of every payment processed. By granting access to our Attestation of Compliance upon request, we foster transparency and reinforce trust with our user community, affirming our role as a steadfast protector of payment security in the fintech landscape.

MyCase proudly achieves and maintains compliance with the Payment Card Industry Data Security Standard (PCI DSS), as confirmed by our latest Attestation of Compliance. This achievement underscores our unwavering commitment to safeguarding sensitive payment information within our legal case management software solutions. Our PCI DSS AoC signifies that MyCase adheres to the highest standards for security protocols, risk management, and protective measures, ensuring the confidentiality, integrity, and availability of client payment data.

As a trusted provider, our focus extends beyond compliance to embody a culture of security and privacy that protects our clients and their customers. MyCase’s compliance with PCI DSS standards is a testament to our dedication to secure payment processing, offering peace of mind to our users through a robust and secure platform. Access to the Attestation of Compliance is available for clients seeking to verify our commitment to payment security, reinforcing our promise of delivering secure, reliable, and compliant legal case management services.

This Certificate of Insurance (CoI) verifies our company's comprehensive insurance coverage, including cybersecurity and liability policies. It provides essential information for prospective clients assessing their risk exposure when partnering with us, ensuring that we maintain robust protections as part of our commitment to client and partner trust.

This Shared Responsibility Matrix delineates the specific roles and responsibilities of AffiniPay and its clients in adhering to the Payment Card Industry Data Security Standard (PCI DSS). It ensures a clear understanding of the collaborative efforts required to maintain robust security measures, safeguarding sensitive cardholder data throughout our transaction processes. The document serves as a vital resource for clients to comprehend their obligations and our commitments, reinforcing our dedication to maintaining high security standards as part of our commitment to client trust and data protection.

Our commitment to maintaining the highest standards of data security and privacy is underscored by our SOC2 Type 1 compliance. This report, prepared by an independent third-party auditor, evaluates the design and implementation of our information security policies, practices, and controls at a specific moment in time. Focused on the principles of security, this report demonstrates our dedication to safeguarding our clients' data against threats and vulnerabilities. By providing transparent access to our SOC2 Type 1 report, we aim to give our prospective clients confidence in our security posture and our commitment to the principles of trustworthiness and reliability that define our services. Access to the report is available upon request for clients considering our payments and legal case management software solutions, ensuring that our commitment to security aligns with your organization's requirements and expectations.

The AffiniPay Security Questionnaire is based on the SIG Lite formate. This is an abridged version of the Standardized Information Gathering (SIG) questionnaire, designed to provide an accessible overview of our organization's information security controls and practices. This document serves as a powerful tool for companies and individuals looking to understand our commitment to maintaining a secure and resilient environment for data management.

In this scaled-down version, we address the key areas of our security controls, focusing on critical elements of risk management, data privacy, information security, and IT governance. Despite its concise format, the Security Questionnaire document provides valuable insights into our information security practices, making it an ideal resource for those seeking a high-level understanding of our commitment to data protection.

By making the Security Questionnaire document available for general release, we aim to offer transparency into our security measures and assure our stakeholders of our unwavering commitment to data security and privacy.