Certifications

NAID

When companies require secure destruction of hard copy records, electronic media and computer hard drives they can rely on service through Access
locations, many of which are NAID AAA Certified.

NAID® is the international trade association for companies providing information destruction services. NAID’s mission is to promote the
information destruction industry and the standards and ethics of its member companies. NAID merged with PRISM in 2018 to form the new industry trade association
i-SIGMA.

PRISM Privacy+

PRISM is an international organization representing companies that engage in Commercial Information Management Services.

Access continues to maintain the Privacy+ certification demonstrating our commitment to information privacy standards. Additionally, Access is a
corporate member of PRISM International with team members serving in various leadership positions.

EU-US and Swiss-US Privacy Shield

The EU-US and Swiss-US Privacy Shield Frameworks requires that companies meet obligations to protect personal data. Now, more than ever, companies
need guidance to ensure requirements are met.

The assessment guides discovery of necessary information, including relevant data flows and evaluation of privacy policies and practices against
relevant standards. Access partners with TrustE to assess the privacy frameworks, ensuring no gaps exist to mitigate risk.

PCI Compliance

PCI DSS (Payment Card Industry Data Security Standard) provides technical and operational requirements that are designed to protect cardholder
data. The requirements were designed to decrease credit card fraud by increasing the controls involved with cardholder data.

PCI DSS acts as a framework for a Merchant or Service Provider to develop a strong payment card data security process, which includes prevention,
detection, and reaction to security circumstances. Access maintains PCI DSS attestation of compliance for access control and security measures.

SOC 1 Type II

SOC is the de facto standard for technology service providers to demonstrate the successful design and operation of their internal controls.

The Access Carta (formerly FileBRIDGE Digital) Platform and records information and off-site media vault management systems are assessed by an
independent auditing firms against a number of organizational security controls covering network security, physical & logical access, change management,
backup, system availability and monitoring, and customer support. The SOC 1 Type II report provides our clients assurance that the Access platforms and systems
have general, foundational information technology controls.

Affiliations

Association for Information and Image Management (AIIM)

AIIM is a nonprofit organization focused on helping users to understand the challenges associated with managing documents, content, records, and
business processes. Founded in 1943, AIIM is also known as the enterprise content management (ECM) association. Access is a strong supporter of the annual AIIM
educational conference. In addition, several Access team members hold leadership positions in local AIIM Chapters.

Association of Legal Administrators (ALA)

ALA is the Association of Legal Administrators. Founded in 1971, the organization is dedicated to providing support to professionals involved in
the management of law firms, corporate legal departments and governmental legal agencies. As a supporter of ALA, Access participates in local and national ALA
events.

ARMA International

For more than 50 years, ARMA International has been regarded as the leading not-for-profit professional association and the authority on managing
records and information – paper and electronic. Access is a proud corporate member and annual sponsor of the ARMA International Educational conference.
In 2013, the Access Leadership Scholars Endowment was created and is administered by the ARMA IEF. Additionally, several Access team members hold leadership
positions in ARMA chapters throughout the U.S.

IG GURU

IG GURU® is an Information Governance news organization with an active community.  There are associations, academic institutions, and
vendors who provide Information Governance education, training, and networking, and IG GURU® is a place for the entire Information Governance Ecosystem.
IG GURU® also hosts 20 years of communication from the former Record Management Listserv.

International Association of Privacy Professionals (IAPP)

The International Association of Privacy Professionals (IAPP) is the largest and most comprehensive global information privacy community and
resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally. Access is proud to
be a Silver Member of IAPP.

International Facility Management Association (IFMA)

The International Facility Management Association is the world’s largest and most widely recognized international association for
professional facility managers, supporting more than 19,500 members in 60 countries. The association’s members, represented in 125 chapters and 16
councils worldwide, manage more than 37 billion square feet of property and annually purchase more than US$100 billion in products and services.