"“All Clients Deserve Ethical, Professional, Excellent Service, Which We Strive for Every Day.”"
– Timothy M. Sullivan, Esq.



The Law Offices of Timothy Sullivan strives for excellence in everything that we do for our clients. Technology plays a key role in enabling us to serve you by utilizing the best tools in the industry. Our IT team is experienced in maintaining, updating, and evaluating technology systems to ensure that we always provide the most up-to-date options. The following systems allow our staff to work at maximum efficiency and accuracy, and allow our leadership team to monitor, audit, and efficiently manage all work.

  • CollectMax

JST CollectMax, a state-of-the-art legal debt collection software, is also utilized as it provides a high level of automation and top-notch capabilities, including accounting, collections, document generation and reporting capabilities.

  • Telecommunications

The phone system, Vodavi StarPlus STS has several advanced features such as centralized hard-drive based voicemails, call monitoring, and the ability to customize company-level greetings.

  • Document Retention

All documents that enter the office via mail or fax are scanned into the debtor’s digital file on the firm’s secure server. This process helps ensure that we have a copy of all documents in the event a physical document is ever inadvertently lost or destroyed.

  • Data Security

The Law Offices of Timothy Sullivan are serious about security and we protect all the confidential data of our clients. Our technology systems have built-in security features that ensure the safety of your data at all times. The following system controls and practices are an important element of the data security program.

  • Physical Data Security
  • Employees are issued electronically-controlled access key cards.
  • Key card access is based on job description, and each employee is given the minimum amount of access necessary to perform his/her job functions.
  • The Server room, file rooms and data closets are secured by both lock and key and electronic key card access.
  • Facilities are monitored 24/7 by closed circuit video cameras and motion detecting sensors. All video records are retained beyond relevant status of limitations.
  • The facility security alarm is monitored 24/7, 365 days a year. All alarm systems are routinely inspected by a third-party reputable vendor.
  • Visitor log documenting entry and exit time and purpose is maintained and all visitors are escorted by workforce members when inside the facility.
  • Workstations are automatically locked after three unsuccessful login attempts and/or several minutes of no activity.
  • Network Data Security
  • Each employee is assigned a unique User ID and password.
  • Network access is restricted by use of Windows Active Directory which maintains security levels and access privileges.
  • Microsoft Group Policy is set to full audit levels for the System and Security log for event documentation and monitoring.
  • All workstations are installed with the latest anti-virus software. Workstations are updated daily with Microsoft Security Patches.
  • All confidential electronic messages are encrypted with state-of-the-art software.
  • Routine daily data backups are performed for our entire organization. Daily backups of all systems are conducted by the IT staff and are stored off-site.
  • Our firewall makes use of a robust, effective, and scalable model.
  • Any firewall event will be documented on a central server, allowing our IT professionals to review the event and attempted intrusion.
  • Third Party Software
  • The primary collection system software, Debt$Net, safeguards data files as users can access only through the Debt$Net platform, preventing unauthorized personnel from accessing confidential information from outside of Debt$Net.
  • Debt$Net is secured by a username and password. Debt$Net user accounts are set up with restrictions based on Group IDs.
  • Sensitive data is masked.
  • Each function is partitioned by the use of menus and submenus. Users have access to menus and submenus according their assigned security level.
  • Redundancy and Threat Detection 

Safeguarding the data integrity of our clients is a top priority at our firm. Our Disaster Recovery Plan and Incident Response Plan are tested biannually. Our backup, recovery, and disposal procedures allow for a retrievable, exact copy of confidential data. System and data recovery are tested on a regular basis. Confidential data and systems are backed up daily using encrypted, durable media that are protected from theft, environmental and physical threats, and unauthorized access in off-site storage. An inventory of the systems backed up is tested regularly. Confidential data and systems are disposed of in such a way as to ensure that data cannot be retrieved or recovered, which includes complete destruction, degaussing, or use of other standard Department of Defense approved techniques for wiping media.

Our dedicated staff of network professionals and analysts interface with clients to find the best means for sending and receiving data that is both convenient and secure. Our secure transmission capabilities are extensive, including the use of secure FTP servers, encrypted VPN, and email encryption software. We also offer clients customizable reporting, including acknowledgments, status reports, statement and remittance reports, collection actuaries, aging analysis, and returned accounts reports. All reports are delivered on a regular basis via U.S. mail or other secure electronic means.

We take great pride in serving our clients with the best available technology and security measures. Our audit processes and strict compliance with federal sanctions ensure that your sensitive data is always protected, and underscores how we are always doing our best to serve you.

  • Training

Employee training programs are aligned with our core values of professionalism, ethics, and excellence. We have a zero tolerance policy for violations of state and federal collections laws and regulations.  Each employee receives initial training in compliance with the Fair Debt Collection Practices Act (FDCPA), the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), the Sarbanes-Oxley Act (SOX), the Red Flags Rule for identity theft, all regulatory mandates put into place by the Consumer Financial Protection Bureau (CFPB), and all other federal, state, and local laws.  Thereafter, we perform company-wide training three times per year to ensure that our staff is educated on changes to collections laws and regulations. We have also instituted comprehensive written policies and procedures that all employees follow to reinforce compliant practices in all that we do.

  • Collector Training Program

Typical collector training program includes the following modules:

  • Collection Communication Skills
  • Using Our Technology Tools
  • Identifying and Confirming Responsible Parties
  • Skiptracing
  • Payment Demand Tactics
  • Asset Search and Verification
  • Legal Referrals
  • Certifications and Audits

We are compliant with the Federal Tax Information Safeguards Program, USC 6103, and IRS Publication 1075. Every year, The Law Offices makes significant investments in current technologies and software to achieve the highest industry standards in data security. Our procedure-based methodology for protecting sensitive client information remains in constant focus. Audit and accountability procedures are implemented on a quarterly basis to ensure that our security goals exceed client expectations. Our risk-assessment guidelines were developed in deference to NIST Special Publication 800-30 with a special focus on non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after action recovery and legal action.