Casepoint
"Casepoint streamlines Slack data collections for legal discovery workflows. Enjoy faster preservation and collections of Slack data while decreasing risk of spoliation or missed data. Organizations that use Casepoint’s Slack integration will be able to:- Target specific Slack channels for collection, decreasing costs associated with over-collection.
- Identify all Slack channels a user is associated with and perform one collection for the set.
- Collect both public and private channels.
- Channel collections include edited and deleted messages.
- Attachments are collected and kept within standard parent-child relationships to streamline the review process.
- Channel reactions and emojis are included with the collection.
- Third party Slack accounts are available and collectable.
- Content from all parties within shared channels are collectable.
- Channel communication may be threaded and divided based on custom configurations. "
- Identify all Slack channels a user is associated with and perform one collection for the set.
- Collect both public and private channels.
- Channel collections include edited and deleted messages.
- Attachments are collected and kept within standard parent-child relationships to streamline the review process.
- Channel reactions and emojis are included with the collection.
- Third party Slack accounts are available and collectable.
- Content from all parties within shared channels are collectable.
- Channel communication may be threaded and divided based on custom configurations. "
Permissions
Casepoint will be able to view:
Casepoint will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Casepoint
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
All active Customer Data shall be retained for as long as the Customer continues to be an active
Customer of Casepoint or unless a request has been made by the active Customer for the deletion of
data.
All Customer Data, after termination of contract, must be retained in accordance with the contractual
agreement between Customer and Casepoint.
Customer Data retention policies may be implemented against Customer Data on an ad-hoc basis as
maybe agreed between Casepoint and Customer.
Data archiving and removal policy
Disposal of customer data will be carried out in accordance with the contractual agreement between
Casepoint and Customer. In the absence of any contractual agreement, an automatic script or manual
script (for ad-hoc requests) is initiated on Casepoint platform containing customer data. This
activates a full hard delete of customer data on the platform.
Data storage policy
Casepoint produces, controls, and distributes symmetric and asymmetric cryptographic keys for Casepoint using FIPS 140-2 compliant key management technology and processes. Casepoint only uses the Advanced Encryption Standard (AES) encryption algorithm for symmetric and asymmetric cryptographic keys. Casepoint uses Federally approved and validated cryptography wherever possible in Casepoint. By using FIPS validated encryption. Moreover, Casepoint mandates the use of TLS 1.2 and above for internal and external data communication. The processed data is then stored on various Network Attached Storage (NAS) file shares within the Casepoint network. All servers and attached storage drives are encrypted and access to this file share is restricted to use only SMB 3.1.
Casepoint tests backup information at least annually, and generally multiple times a year. Casepoint will run disaster recovery scenarios/tests. The tests include failover to the secondary, hot-site and recovery of the data from the same. Casepoint stores backup copies of organization-defined critical information system software and other security-related information in geographically diverse data centers.
App/service has sub-processors
no
Certifications & compliance
SOC attestation
ISO/IEC-27001 certification
FedRAMP ATO
Data deletion request procedure
At the database level following a client request for data to be removed from Casepoint, the following activities are performed to ensure data no longer exists in the Casepoint platform:
All of the DB and associated backups of DB are deleted from our systems;
All associated files for the case are deleted from our file shares;
All data is deleted from backups;
Data is deleted from the Disaster Recovery site as part of the replication of data from PROD to DR;
Upon successful deletion, Casepoint provides a certificate of destruction to the client for their records. Casepoint does share the client Data Disposition form, to select the needed options and sign documents. Upon the receipt of the archive by the client, Casepoint deletes all the data from the network.
Casepoint provides the Archive of all data that the client has with us in Conc Format ( which is globally used in Data format) so that the data can be loaded on any other platform. Casepoint does share the client Data Disposition form, to select needed options and sign documents. Upon the receipt of the archive by the client, Casepoint deletes all the data from our network.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Supports Single Sign On (SSO) with the following providers
Okta,Google
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
issecurity@casepoint.com
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
no
Requires third party authorization/connections
no
Uses token rotation
no