eFile is SOC 2 Type II certified!

We are happy to announce that Pasadena Consulting Group LLC dba Electronic Filing Systems has been certified under SOC 2 Type II for our eFile product!

TLDR? In short: Your IT department is going to love that eFile is SOC 2 Type II compliant! You can find details in our Trust Center.

What is SOC 2 Type II and why does it matter?

SOC 2 Type II is a comprehensive certification developed by the American Institute of CPAs (AICPA) that validates an organization’s commitment to maintaining robust (cyber-)security and privacy controls over time. Unlike a one-time assessment, this certification requires continuous monitoring and evaluation of critical processes, ensuring that service providers adhere to stringent criteria around data security, availability, processing integrity, confidentiality, and privacy.

SOC 2 Type II certification is typically pursued by organizations that manage sensitive data or provide critical digital services. Technology companies, SaaS providers, cloud service providers, and data centers often seek this certification to demonstrate robust internal controls over security, availability, processing integrity, confidentiality, and privacy. It is particularly popular among firms operating in regulated industries—such as finance, healthcare, and government—as they need to ensure that their operational practices meet the stringent standards required to protect customer data. Ultimately, obtaining SOC 2 Type II certification helps these organizations build trust with their clients and stakeholders by proving their commitment to maintaining secure, reliable, and transparent systems.

For public agencies handling sensitive public disclosures—such as conflict of interest, lobbying activities, and political campaign finance data—the level of scrutiny of SOC 2 Type II provides tangible assurance that the systems managing this information are secure and reliable.

eFile achieving SOC 2 Type II certification marks a significant milestone in our ongoing mission to serve public agencies with integrity and transparency. By meeting the rigorous standards set by the AICPA, our platform demonstrates that it not only follows industry-standard best practices but also commits to continuous improvement in safeguarding the data entrusted to us. This certification helps build trust with our clients by ensuring that every piece of sensitive information is managed with the highest levels of security and operational excellence, ultimately supporting public agencies in their mission to promote accountability and transparency.

What did it take to get certified?

Achieving SOC 2 Type II certification required a dedicated, methodical approach and the right tools to ensure every aspect of our security and operational controls met the highest standards. At PCG/EFS, we partnered with Vanta—a platform that automates compliance monitoring—to streamline our efforts and keep our systems continuously in check. This collaboration allows us to maintain real-time oversight of our security protocols, promptly address any vulnerabilities, and demonstrate our commitment to meeting the rigorous standards set by the AICPA.

In addition to leveraging Vanta, our team undertook extensive audits, risk assessments, and system enhancements to align our practices with industry benchmarks. This comprehensive process underscores our commitment to protecting sensitive data and ensuring transparency in every step of our operations. To learn more about our journey, review detailed insights, or request access to our SOC 2 Type II report, please visit our Trust Center.

Are other electronic filing systems SOC 2 Type II certified?

Disclaimer – we don't really know! The below is what we've been able to infer on the basic of public information on the internet:

Netfile
Netfile is most likely not SOC 2 Type II compliant – their website does not mention SOC 2 in any form.

Granicus
Granicus offers eDisclosure and a campaign finance product. Granicus is SOC 2 Type II certified, but it is not clear if their certification extends to their eDisclosure and campaign finance products that were originally developed by SouthTech Systems Inc.

What does eFile's SOC 2 Type II certification mean for your agency?

eFile's SOC 2 Type II certification means your agency can trust that its sensitive data is protected by the highest industry standards. This certification, achieved through rigorous processes, demonstrates our commitment to maintaining robust security, operational excellence, and ongoing compliance. By choosing eFile, you're not only adopting a solution that meets stringent regulatory requirements but also partnering with a team dedicated to ensuring your agency’s data is safeguarded at every level. With eFile, you can focus on your mission with the peace of mind that comes from knowing your digital infrastructure is secure, reliable, and designed to meet the evolving challenges of today’s data-driven landscape.