Client data is secure in CaseManagerPro
Lucid IQ provides advanced protection and control of your information assets to prevent data loss and unauthorized access, lower risk and assure maximum compliance with internal and external security standards. Features of CaseManagerPro, top-tier supporting products and service providers, and company policies and practices all contribute to the security of your information within the platform.
CaseManagerPro Security and Management Features
CaseManagerPro Platform Access
New CMP users are granted access only by an authorized administrator. Each user is assigned a unique user name and password that must be changed the first time a user logs in to the system. Accounts are automatically locked after a preset number of failed attempts.
Role Security within the CMP Application
A “User Role” designation controls deny, read or edit access to specific record types or data areas. For example, a junior employee may have access to case documents but not financial records.
User Access to Records
A “Security Class” designation provides record-level control, denying a user’s ability to access, search or report on record without matching class credentials. This assures that users can only access data for the cases and data they are assigned to or manage. For example, users can be restricted to the class of a specific practice group, or a local counsel firm can be restricted to its assigned cases in multi-district litigation.
Audit Trails/Transaction Logs
Lucid IQ utilizes industry best practices to provide end-to-end audit capabilities. All user actions, including logins, case and record creations, updates and other activities, are logged. A transaction log, available to administrators, provides details on all user activity at the record level.
Secure Hosting with Lucid IQ
When you choose CaseManagerPro hosted by Lucid IQ, security is ensured at the physical, application and user levels.
Data Center Security
The Lucid IQ state-of-the-art data centers maximize the protection of client data. Data center physical access is limited to only authorized personnel. Guests visiting the Lucid IQ data center are required to sign in, display an identification badge and are escorted at all times. The data center follows ISO 27001/2-based policies, which are reviewed annually. Strict policies are followed in regard to secure document and media destruction, and disaster recovery and business continuity procedures.
Client Data Protection
The database servers that store client data are protected by highly secure firewalls. The data can only be accessed programmatically through the CaseManagerPro application. HTTPS/SSL is used for all user logins and transmission for the duration of the session. In the hosting center, each client’s hosted data is strictly segregated from that of other clients with a dedicated instance of the CaseManagerPro database installed for each client.
Redundant Backup/Data Loss Prevention/Disaster Recovery
Data is backed up to three different servers, providing protection against catastrophic data loss. In the event of failure of the host server, a backup server can be in place in less than an hour. In the event of a catastrophic failure, such as a weather event that disables an entire data center, a disaster recovery plan is implemented that redirects user access to a backup data center located in a different geographic region of the U.S.