Security Philosophy
Clinical Corvus was built with a security-by-default posture. We believe trust is fundamental in any clinical tool.
This document describes our security posture. Actual compliance certifications (HIPAA, SOC 2, ISO 27001) require formal audit processes. Contact the team for current compliance status.
Our Principles
1. Local-First by Default
What it means: Patient data stays within your infrastructure.
How it works:
- Identifiable context is not sent to external services
- External research is disabled by default
- Automatic sanitization before any external query
- Support for local models or private credentials
"Privacy is not an optional feature — it's a fundamental requirement."
2. Clinician Control
What it means: You maintain control over what is accepted.
How it works:
- Check-to-accept on all outputs
- Verifiable citations for every claim
- Complete audit trails
- Explicit uncertainty signaling
"The system proposes, the clinician decides."
3. Minimal Retention
What it means: We keep only what's necessary.
How it works:
- Retention compatible with clinical continuity
- Separation of operational logs from sensitive data
- Clear lifecycle policies
- Right to be forgotten implemented
4. Layered Verification
What it means: Multiple security checkpoints.
How it works:
- Goal verification (did it answer the right question?)
- Internal coherence checking
- Potential risk analysis
- Explicit pause when confidence is low
Security Architecture
Trust Boundary
| TRUST BOUNDARY (local) | Handling |
|---|---|
| 🏥 Patient Data (PHI) | Stays local by default |
| 🔐 Clinical Context | Processed locally |
| 📚 Knowledge Base | Curated and updated |

↓ Crossed only with explicit consent

| EXTERNAL SERVICES | Handling |
|---|---|
| 🔍 Evidence Search | Sanitized: only clinical keywords leave the boundary |
Protection Layers
| Layer | Responsibility | Example |
|---|---|---|
| Input | Sanitization and validation | Removal of identifiers |
| Processing | Access control | RBAC by role |
| Output | Verification and review | Check-to-accept |
| Storage | Encryption and retention | AES-256 at rest |
| Audit | Logs and tracking | Complete trails |
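To make the trust boundary and the Input layer concrete, here is an added illustration (not Clinical Corvus code) of the "disabled by default, explicit consent, sanitize, then allow-list clinical keywords" gate for an outbound evidence-search query. The identifier patterns, the clinical vocabulary and the sample note are all constructed for the example; a real deployment would use a proper de-identification pipeline and a curated vocabulary.

```python
import re
from dataclasses import dataclass

# Constructed patterns for a few direct identifiers (illustrative, not a complete PHI catalogue).
PHI_PATTERNS = {
    "MRN": re.compile(r"\bMRN[:\s#]*\d{4,}\b", re.IGNORECASE),
    "DATE": re.compile(r"\b\d{1,2}/\d{1,2}/\d{2,4}\b"),
    "PHONE": re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "NAME": re.compile(r"\b(?:Mr|Mrs|Ms|Dr)\.?\s+[A-Z][a-z]+\b"),
}

# Constructed allow-list: only terms in this vocabulary may cross the trust boundary.
CLINICAL_TERMS = {
    "sepsis", "lactate", "hypotension", "norepinephrine", "antibiotics",
    "vasopressor", "fluids", "resuscitation", "pneumonia", "anticoagulation",
}

@dataclass
class ResearchPolicy:
    # Deployment setting: external research stays off unless an operator enables it.
    external_research_enabled: bool = False

class ExternalQueryBlocked(Exception):
    pass

def external_query_allowed(policy, consent):
    # Both the deployment policy and per-query clinician consent are required.
    return policy.external_research_enabled and consent

def redact(text):
    # Replace matched identifiers with labels; count hits per label for the audit trail.
    counts = {}
    for label, pattern in PHI_PATTERNS.items():
        text, n = pattern.subn(f"[{label}]", text)
        if n:
            counts[label] = n
    return text, counts

def build_external_query(context, policy, consent=False):
    # Returns (query, audit_record) for the evidence-search service, or raises.
    if not external_query_allowed(policy, consent):
        raise ExternalQueryBlocked("external research disabled or no explicit consent")
    redacted, counts = redact(context)
    # Allow-list pass: anything the regexes missed is still dropped, because only
    # vocabulary terms are kept; sorted so the audit record is deterministic.
    words = re.findall(r"[a-z]+", redacted.lower())
    keywords = sorted({w for w in words if w in CLINICAL_TERMS})
    return " ".join(keywords), {"redactions": counts, "keywords_sent": keywords}
```

The audit record returned alongside the query is what a "complete audit trail" would log: which identifier classes were stripped and exactly which terms left the boundary, without the PHI itself.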
Compliance
Aligned Practices
- HIPAA: Compliance-ready architecture
- LGPD: Data processing with explicit consent
- SOC 2: Preparation for Type II certification
- ISO 27001: Alignment with international standards
Available Documentation
- Privacy policies
- Terms of service
- Data protection impact assessment (DPIA)
- Transparency reports
Frequently Asked Questions
"Is my data secure?"
Yes. Data is encrypted in transit and at rest. We follow industry security practices.
"Can I use my own models?"
Yes. We support integration with your own model endpoints (OpenAI, Azure, etc.), keeping data within your governance.
"What happens in case of a breach?"
We have incident response plans, notification within 72 hours, and documented mitigation processes.
"Can I audit the system?"
Yes. We offer complete audit trails for all system actions and decisions.
Commitment
"Security is not a destination — it's a continuous journey of improvement. We are committed to evolving our practices as the threat landscape changes."