Security

Built for the work

you actually do.

Your data, your work product, your clients. Protected at every layer.

HIPAA-compliant infrastructure

Platform architecture designed for protected health information. Business Associate Agreements available on request.

AES-256 encryption

At rest and in transit. TLS 1.3 on every connection. Keys managed through a dedicated KMS.

SOC 2 Type II

Audit in progress. Attestation targeted for release following the current observation window.

Your data is never used to train our AI

We do not train on customer files. Your firm's work product stays your firm's.

Your data, portable

Full CSV export. API read access. Enterprise customers can pipe directly into their data warehouse.

Role-based access

Granular permissions per user. Audit logging on every sensitive action. Session controls and SSO for Enterprise.

Audit Logging

Every sensitive action, recorded.

Document views, exports, e-signatures, permission changes, and integration key rotations are logged with actor, timestamp, and target. Tamper-evident storage. Seven-year retention by default.

Stream the log to your SIEM on Enterprise.

Audit log · Livestreaming

14:32:08sarah.chenviewedSmith v. Allstate · medicals.pdf

14:31:55mike.texportedCSV · Active cases (Q2)

14:30:12sarah.chensignedHIPAA authorization · J. Garcia

14:28:41systemrotatedAPI key · Filevine integration

14:27:03admingrantedRead access · paralegal-team

14:25:17sarah.chenlogged inSSO · Okta

Retained 7 years · Tamper-evident+1,284 today

Need our compliance packet?

BAA templates, security overview, SOC 2 progress summary. Available on request.

Request compliance packet

Preferences

Text Size

100%