Security and trust

Built like a clinical system, not a chatbot.

Every piece of patient data lives behind row-level security. Every model decision is logged. Every release passes a clinical governance review.

Posture

What we do, and what we publish.

HIPAA: BAA available for practices.
SOC 2 in progress: Type II audit window closes Q3 2026; vendor and auditor locked in Q2 2026.
APA aligned: evidence-based modalities.
Zero ad data: never sold, never brokered.
Controls

The guardrails.

Row-level security.

Every row a clinician reads, every message a patient writes — guarded by Postgres RLS policies we publish and a governance committee audits.

MFA for every clinician.

TOTP enrollment is mandatory for clinician, supervisor, and admin roles. Enforced in middleware and in the database itself.
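The two controls above (row-level security on clinical rows, and an MFA requirement that the database enforces on its own) can be expressed together, because a Postgres policy can check who the caller is and whether a second factor was verified in the same predicate. The block below is an added illustration written for this page; it is not the published policy set the page refers to. It assumes (none of this is stated on the page) that the application authenticates the user, verifies the TOTP code, and then runs each request inside a transaction that sets three session variables with `SET LOCAL`: `app.user_id`, `app.role`, and `app.mfa`. Table names, column names, and the helper functions `app_user_id`, `app_role`, and `app_mfa_ok` are illustrative; supervisor and admin policies are left out for brevity.

```sql
-- Added example (not the page's published policies). Assumes the app sets,
-- per transaction and only after a successful TOTP check for privileged roles:
--   SET LOCAL app.user_id = '<uuid>';
--   SET LOCAL app.role    = 'patient' | 'clinician';
--   SET LOCAL app.mfa     = 'true' | 'false';

CREATE TABLE patients (
    id           uuid PRIMARY KEY,
    clinician_id uuid NOT NULL            -- treating clinician
);

CREATE TABLE messages (
    id         bigserial PRIMARY KEY,
    patient_id uuid NOT NULL REFERENCES patients(id),
    author_id  uuid NOT NULL,             -- patient or clinician who wrote it
    body       text NOT NULL,
    created_at timestamptz NOT NULL DEFAULT now()
);

-- Session-context helpers. The second argument to current_setting() makes it
-- return NULL instead of raising when the variable is unset, so a connection
-- with no context sees no rows rather than an error.
CREATE FUNCTION app_user_id() RETURNS uuid
    LANGUAGE sql STABLE AS
    $$ SELECT nullif(current_setting('app.user_id', true), '')::uuid $$;

CREATE FUNCTION app_role() RETURNS text
    LANGUAGE sql STABLE AS
    $$ SELECT nullif(current_setting('app.role', true), '') $$;

-- Database-side MFA gate: patients are exempt; every other role is only
-- recognised when the app has asserted that the TOTP check passed.
CREATE FUNCTION app_mfa_ok() RETURNS boolean
    LANGUAGE sql STABLE AS
    $$ SELECT app_role() = 'patient'
           OR current_setting('app.mfa', true) = 'true' $$;

ALTER TABLE messages ENABLE ROW LEVEL SECURITY;
-- FORCE matters: without it the table owner bypasses every policy below.
ALTER TABLE messages FORCE ROW LEVEL SECURITY;

-- Patients read and write only messages on their own record, as themselves.
CREATE POLICY patient_own_messages ON messages
    FOR ALL
    USING      (app_role() = 'patient' AND patient_id = app_user_id())
    WITH CHECK (app_role() = 'patient' AND patient_id = app_user_id()
                AND author_id = app_user_id());

-- Clinicians read messages of patients assigned to them, MFA required.
CREATE POLICY clinician_assigned_patients ON messages
    FOR SELECT
    USING (app_role() = 'clinician' AND app_mfa_ok()
           AND patient_id IN (SELECT id FROM patients
                              WHERE clinician_id = app_user_id()));

-- Clinicians may reply on those same records; WITH CHECK stops a clinician
-- from inserting a message onto a patient they do not treat.
CREATE POLICY clinician_reply ON messages
    FOR INSERT
    WITH CHECK (app_role() = 'clinician' AND app_mfa_ok()
                AND author_id = app_user_id()
                AND patient_id IN (SELECT id FROM patients
                                   WHERE clinician_id = app_user_id()));

-- Smoke test: same query, different session context. With app.mfa unset or
-- 'false', neither clinician policy applies to this session.
BEGIN;
SET LOCAL app.user_id = '11111111-1111-1111-1111-111111111111';
SET LOCAL app.role    = 'clinician';
SET LOCAL app.mfa     = 'false';
SELECT count(*) FROM messages;
ROLLBACK;
```

Three caveats a reviewer of such policies would check: the application must connect as a role that is neither a superuser nor the table owner (superusers skip RLS entirely, and owners skip it unless `FORCE ROW LEVEL SECURITY` is set); context must be set with `SET LOCAL` inside the transaction so a pooled connection cannot carry one user's identity into the next request; and if `patients` itself gets RLS later, the subquery inside the clinician policies runs under those policies too, so a missing clinician policy on `patients` silently empties the clinician's view of `messages`.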

Adults 18+, outpatient only.

Scope discipline is a safety feature. We do not serve minors, and we do not serve inpatient or crisis care; that is by design, not oversight.

Audit log you can read.

Every model response, every escalation, and every data access is written to an append-only log with an actor, a reason, and a timestamp.
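What "append-only with an actor, a reason, and a timestamp" looks like when enforced by the database rather than by convention, as an added example for this page (not the product's own schema): a table whose `reason` column cannot be blank, whose timestamp comes from the server clock, and which rejects UPDATE, DELETE and TRUNCATE at two layers. The table and column names, the `app_rw` application role, the `audit_log_immutable` trigger function, and the sample row are all assumptions made for the illustration.

```sql
-- Added example (not the page's own schema). Assumes an application role
-- named app_rw that is not the table owner.

CREATE TABLE audit_log (
    id          bigserial   PRIMARY KEY,
    occurred_at timestamptz NOT NULL DEFAULT now(),   -- server clock, not client-supplied
    actor_id    uuid        NOT NULL,                 -- who
    actor_role  text        NOT NULL,
    event_type  text        NOT NULL,                 -- 'model_response', 'escalation', 'data_access', ...
    target      text        NOT NULL,                 -- what was touched, e.g. 'patient:<uuid>'
    reason      text        NOT NULL
                CHECK (length(btrim(reason)) > 0),    -- a reason is mandatory, not decorative
    detail      jsonb       NOT NULL DEFAULT '{}'::jsonb
);

-- Layer 1: privileges. The application can only append and read.
REVOKE ALL ON audit_log FROM PUBLIC;
GRANT INSERT, SELECT ON audit_log TO app_rw;
GRANT USAGE ON SEQUENCE audit_log_id_seq TO app_rw;

-- Layer 2: a trigger that refuses modification for everyone, including the
-- table owner, whom GRANT/REVOKE alone does not restrict. Disabling or
-- dropping this trigger is a DDL event worth alerting on in its own right.
CREATE FUNCTION audit_log_immutable() RETURNS trigger
    LANGUAGE plpgsql AS $$
BEGIN
    RAISE EXCEPTION 'audit_log is append-only: % rejected', TG_OP
        USING ERRCODE = 'insufficient_privilege';
END;
$$;

CREATE TRIGGER audit_log_no_update_delete
    BEFORE UPDATE OR DELETE ON audit_log
    FOR EACH ROW EXECUTE FUNCTION audit_log_immutable();

CREATE TRIGGER audit_log_no_truncate
    BEFORE TRUNCATE ON audit_log
    FOR EACH STATEMENT EXECUTE FUNCTION audit_log_immutable();

-- Writing an event (constructed sample row): the caller supplies actor,
-- target and reason; the database supplies the timestamp.
INSERT INTO audit_log (actor_id, actor_role, event_type, target, reason, detail)
VALUES ('22222222-2222-2222-2222-222222222222', 'clinician',
        'data_access', 'patient:11111111-1111-1111-1111-111111111111',
        'Reviewing intake notes before the 14:00 session',
        '{"fields": ["intake_summary", "risk_flags"]}');

-- Each of these is rejected: the first by the CHECK constraint (blank
-- reason), the other two by the trigger.
-- INSERT INTO audit_log (actor_id, actor_role, event_type, target, reason)
--     VALUES ('22222222-2222-2222-2222-222222222222', 'clinician',
--             'data_access', 'patient:11111111-1111-1111-1111-111111111111', '   ');
-- UPDATE audit_log SET reason = 'edited' WHERE id = 1;
-- DELETE FROM audit_log WHERE id = 1;

-- Reading it back, which is the point of an audit log you can read.
SELECT occurred_at, actor_role, actor_id, event_type, target, reason
FROM audit_log
ORDER BY occurred_at DESC
LIMIT 50;
```

The trigger is the layer that binds the table owner; a superuser can still disable it, so a copy of each row shipped to storage the database role cannot reach is what turns "append-only" into tamper evidence against a compromised database account.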

Encryption in flight and at rest.

TLS 1.3 in transit. AES-256 at rest. Field-level encryption for the most sensitive clinical attributes, with key rotation on a quarterly cadence.

Clinician-supervised model updates.

No model update reaches patients until a clinical governance committee has reviewed the canary evaluation and signed off in writing.