Brownstein currently holds ISO 27001:2022 certification, the most widely adopted international standard for information security. This certification was achieved in early 2019 and covers information security throughout the firm and data centers.
ISO 27001 is an internationally recognized security standard that specifies and verifies the establishment and maturity of an organization’s Information Security Management System (ISMS). These rigorous standards documented in the firm's ISMS document exist to ensure that formal security and risk management controls are in place to protect the confidentiality, integrity and availability of sensitive company, client and personal information. Risk assessment, policy and process implementation, and both internal and independent audits are all part of the required work. The detailed certification process requires annual audits to ensure that the firm is utilizing and continuously improving best practices and procedures to secure its client and employee sensitive data and to keep pace with the ever-changing cybersecurity landscape.
Brownstein’s ISO 27001:2022 Certification (1554476-8) can be verified at our auditor’s online directory at https://www.schellman.com/certificate-directory. If you have additional information about the firm’s ISMS, please contact the security team at [email protected].
Recent Insights
Read MoreBless the Trade Down in Africa: AGOA Short-Term Reauthorization
Client Alert | February 05, 2026Post-Inaugural Gubernatorial Debate, Where the California Governor’s Race Stands
Client Alert | February 05, 2026Labor-HHS Fiscal Year 2026 Appropriations Bill and Health Care Extenders Overview
Client Alert | February 05, 2026Project Vault and FORGE Signal Next Phase of U.S. Critical Minerals Policy
Client Alert | February 03, 2026There Was a Shutdown? Government One DHS Bill Away from Completing Appropriations
Client Alert | February 02, 2026HIPAA Notice of Privacy Practices: Updates Required by Feb. 16, 2026
You have chosen to send an email to Brownstein Hyatt Farber Schreck or one of its lawyers. The sending and receipt of this email and the information in it does not in itself create and attorney-client relationship between us.
If you are not already a client, you should not provide us with information that you wish to have treated as privileged or confidential without first speaking to one of our lawyers.
If you provide information before we confirm that you are a client and that we are willing and able to represent you, we may not be required to treat that information as privileged, confidential, or protected information, and we may be able to represent a party adverse to you and even to use the information you submit to us against you.
I have read this and want to send an email.