SOC 2 Compliance
LastCheck is currently undergoing the process to achieve SOC 2 Type 2 compliance, covering Security, Availability, and Confidentiality. For the latest status update, please reach out to trust@lastcheck.ai.
What is SOC 2 and why does it matter?
SOC 2, developed by the AICPA, is a framework that assesses how well a company manages customer data based on the Trust Services Criteria. To obtain certification from an independent, security-focused CPA firm, LastCheck's infrastructure, policies, and procedures have been rigorously evaluated. This audit affirms our ongoing commitment to security and the protection of our users' data across our electronic signature platform.
HIPAA Compliance
LastCheck is compliant with the Health Insurance Portability and Accountability Act (HIPAA).
What is HIPAA and why is it important?
HIPAA is a U.S. law that establishes standards for protecting protected health information (PHI/ePHI). LastCheck has implemented the required safeguards and undergone an independent audit to verify compliance and the effectiveness of our controls. We meet or exceed HIPAA's security and privacy standards.
Network and System Security
LastCheck employs industry best practices to safeguard its systems. All data transmissions, such as login and document review actions, are encrypted using TLS 1.2. Data at rest is protected with AES-256 encryption, the same standard used by the U.S. government.
Our infrastructure is routinely updated with the latest security patches, and monitored continuously for threats using intrusion detection systems.
LastCheck operates on Google Cloud infrastructure, which provides physical and digital security, including redundancy, restricted access, and compliance with ISO 27001, ISO 27017, ISO 27018, SOC 2, and HIPAA.
System Reliability
Our services are hosted on Google Cloud's high-availability architecture, with operations spread across multiple availability zones. This ensures service continuity even if one zone experiences issues.
We maintain detailed disaster recovery and business continuity plans, test them regularly, and continuously refine our approach to uphold service availability. Our operations team actively monitors performance and key metrics to deliver reliable uptime.
Data Protection
At LastCheck, data security is a top priority. We utilize high-availability infrastructure, encrypt data in transit and at rest, and strictly control access to production environments.
All employees undergo background checks (as per local laws) and receive regular training on security and privacy. Access to customer data is limited to authorized personnel on a need-to-know basis, and all activity is logged and reviewed.
Production systems are hardened for security, supported by continuous monitoring and automated security updates.