Brownstein currently holds ISO 27001:2022 certification, the most widely adopted international standard for information security. This certification was achieved in early 2019 and covers information security throughout the firm and data centers.
ISO 27001 is an internationally recognized security standard that specifies and verifies the establishment and maturity of an organization’s Information Security Management System (ISMS). These rigorous standards documented in the firm's ISMS document exist to ensure that formal security and risk management controls are in place to protect the confidentiality, integrity and availability of sensitive company, client and personal information. Risk assessment, policy and process implementation, and both internal and independent audits are all part of the required work. The detailed certification process requires annual audits to ensure that the firm is utilizing and continuously improving best practices and procedures to secure its client and employee sensitive data and to keep pace with the ever-changing cybersecurity landscape.
Brownstein’s ISO 27001:2022 Certification (1554476-8) can be verified at our auditor’s online directory at https://www.schellman.com/certificate-directory. If you have additional information about the firm’s ISMS, please contact the security team at grc@bhfs.com.
Recent Insights
Read MoreNCUA and OCC Take Action to Preempt Illinois’ Interchange Law
Client Alert | June 17, 2026DOJ Opines that EEOC’s Title VII Disparate Impact Framework Is Unconstitutional
Presentation | June 17, 2026Biotech’s Legal and Regulatory Chaos
Client Alert | June 16, 2026G7 Leaders Launch Critical Minerals Resilience and Production Alliance
Presentation | June 16, 2026AI Governance in Practice: From Policy to Reality
Article | June 15, 2026Diane De Felice Provides Insights on Commercial Real Estate Trends for 2026
You have chosen to send an email to Brownstein Hyatt Farber Schreck or one of its lawyers. The sending and receipt of this email and the information in it does not in itself create and attorney-client relationship between us.
If you are not already a client, you should not provide us with information that you wish to have treated as privileged or confidential without first speaking to one of our lawyers.
If you provide information before we confirm that you are a client and that we are willing and able to represent you, we may not be required to treat that information as privileged, confidential, or protected information, and we may be able to represent a party adverse to you and even to use the information you submit to us against you.
I have read this and want to send an email.