Most healthcare AI tools rely on standard TLS encryption. We go further with AES-256-GCM envelope encryption, ECDH key exchange, and enforcement mode that rejects plaintext PHI at the server level. Your patients trust you with their health. You can trust us with their data.
Zero data breaches. Last security audit: Q1 2026.
Health Insurance Portability and Accountability Act compliant with signed BAAs
SOC 2 controls framework implemented across the Scribeable platform; third-party audit planned. Infrastructure hosted on SOC 2 Type II certified providers (GCP).
General Data Protection Regulation compliant for EU data subjects
California Consumer Privacy Act compliant
Every piece of patient data is protected by five independent encryption layers. CDN, edge infrastructure, and reverse proxies never see plaintext PHI.
PHI in API requests is envelope-encrypted on your device before transmission. The server never receives plaintext patient data.
Your notes and patient information are encrypted before they ever leave your device.
PHI in API responses is envelope-encrypted on the server before delivery. Intermediary systems see only ciphertext.
Generated notes are encrypted before being sent back to you.
Real-time transcription and rounding data are encrypted per message over WebSocket connections.
Live transcription during patient encounters is encrypted in real time.
Audio recordings are encrypted before upload. Raw audio is never transmitted in cleartext.
Encounter recordings are encrypted before leaving your device.
Individual PHI fields are encrypted at rest with organization-scoped data encryption keys (DEKs), wrapped by a master key encryption key (KEK) in Google Cloud KMS.
Each data field is independently encrypted in the database.
Encryption keys are negotiated using Elliptic Curve Diffie-Hellman (ECDH) on the P-256 curve. Plaintext keys are never transmitted between client and server. Each session derives fresh ephemeral keys, providing forward secrecy.
Enforcement mode is active on all PHI endpoints. The server rejects any request containing plaintext PHI. This is not optional or configurable — it is a cryptographically enforced guarantee that unencrypted patient data cannot be transmitted to or from the platform.
Because encryption happens at the application layer (above TLS), CDN nodes, edge proxies, load balancers, and reverse proxies only ever see ciphertext. A compromise of any intermediary infrastructure yields zero usable patient data.
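The following Go program is an added illustration of the request layer described above, not Scribeable's own code: the device seals PHI under a per-message ephemeral P-256 ECDH key with AES-256-GCM, and the server decrypts it while rejecting any body that is not an envelope. The `Envelope` layout, the SHA-256 key derivation standing in for a full KDF, and the nil-envelope check as the model of a plaintext body are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Envelope is what crosses the wire: the client's ephemeral P-256 public key plus an
// AES-256-GCM ciphertext. It carries neither a plaintext key nor plaintext PHI.
type Envelope struct{ EphemeralPub, Nonce, Ciphertext []byte }

var ErrPlaintextPHI = errors.New("enforcement mode: plaintext PHI rejected")

// aead derives the session AEAD from the ECDH shared secret between priv and the
// peer's public key bytes. Assumption: SHA-256 of the raw secret stands in for a KDF.
func aead(priv *ecdh.PrivateKey, peer []byte) (cipher.AEAD, error) {
	pub, err := ecdh.P256().NewPublicKey(peer)
	if err != nil { return nil, err }
	shared, err := priv.ECDH(pub)
	if err != nil { return nil, err }
	key := sha256.Sum256(shared)
	block, _ := aes.NewCipher(key[:]) // 32-byte key: NewCipher cannot fail here
	return cipher.NewGCM(block)
}

// Seal runs on the device: a fresh ephemeral key pair per message gives each envelope
// its own session key, and the ephemeral public key is bound to the ciphertext as AAD.
func Seal(serverPub, phi []byte) (*Envelope, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil { return nil, err }
	gcm, err := aead(eph, serverPub)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	pub := eph.PublicKey().Bytes()
	return &Envelope{pub, nonce, gcm.Seal(nil, nonce, phi, pub)}, nil
}

// Open runs on the server. A nil envelope models a request body carrying plaintext PHI
// and is rejected before any decryption is attempted; a tampered envelope fails the GCM tag.
func Open(serverPriv *ecdh.PrivateKey, env *Envelope) ([]byte, error) {
	if env == nil { return nil, ErrPlaintextPHI }
	gcm, err := aead(serverPriv, env.EphemeralPub)
	if err != nil { return nil, err }
	return gcm.Open(nil, env.Nonce, env.Ciphertext, env.EphemeralPub)
}
```

Because the server's long-term private key only ever touches the shared secret, nothing an intermediary can capture from the envelope recovers the session key.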
Automated health checks run every 15 minutes to verify encryption integrity across all layers. Telemetry tracks encryption match rates, key exchange success, and enforcement compliance. Any anomaly triggers immediate alerts.
Your patient data is protected by 5 independent layers of encryption. Even our own servers cannot read it. Encryption keys never leave your device in plaintext, and our servers actively reject any attempt to send unencrypted patient data. CDN providers, network intermediaries, and even Scribeable employees have zero access to your patients' information.
Defense-in-depth security protecting your practice and patients at every level
All PHI is encrypted using AES-256-GCM envelope encryption with ECDH P-256 key exchange. Five independent encryption layers cover API requests, responses, WebSocket messages, audio streams, and field-level storage. Enforcement mode rejects any plaintext PHI request.
Full compliance with HIPAA Security Rule and Privacy Rule. We sign Business Associate Agreements (BAA) and maintain comprehensive audit trails.
Data stored in HIPAA-compliant data centers in the United States, hosted on SOC 2 Type II certified infrastructure (GCP), with automatic backups and disaster recovery.
We cannot access your unencrypted patient data. Encryption keys are exchanged via ECDH (Elliptic Curve Diffie-Hellman) so plaintext keys are never transmitted. CDN and edge infrastructure see only ciphertext.
Complete audit logging of all data access and modifications. Immutable logs stored securely for compliance and forensic analysis.
Annual penetration testing, quarterly vulnerability assessments, and continuous security monitoring by third-party experts.
Data Handling
Transparent data practices with patient privacy at the core
Documentation
Download our compliance documents and review our policies
Security FAQ
Answers to frequently asked security and compliance questions
Yes. Scribeable is fully HIPAA compliant. We implement all required administrative, physical, and technical safeguards. We sign Business Associate Agreements (BAA) with all covered entities at no additional cost.
All data is stored in the United States on Google Cloud Platform (GCP) infrastructure, which is SOC 2 Type II certified. All data is protected by 5 layers of envelope encryption — at rest and in transit.
No. Our 5-layer envelope encryption with ECDH key exchange means plaintext encryption keys never leave your device. PHI is encrypted before it leaves your device across all channels — API requests, API responses, WebSocket messages, audio streams, and database storage. Our servers run in enforcement mode: any request containing plaintext PHI is rejected. Even with full server access, Scribeable employees see only ciphertext. CDN providers and network intermediaries are equally blind to your data.
Most healthcare AI tools rely on standard TLS (transport-layer) encryption, which protects data in transit but leaves it readable at every server and CDN node in the chain. Scribeable adds application-layer envelope encryption on top of TLS: data is encrypted on your device, stays encrypted through every intermediary, and is only decrypted at the final destination. Enforcement mode guarantees this cryptographically — it is not a policy, it is a server-enforced technical control.
We have comprehensive incident response procedures including immediate containment, forensic analysis, and affected party notification within 24 hours as required by HIPAA. To date, we have had zero data breaches.
Absolutely not. Your patient data is never used to train AI models. Our AI models are pre-trained and your data is processed only for generating your clinical notes.
You control your data retention. Notes and recordings can be deleted at any time from your account. Upon account deletion, all data is permanently removed within 30 days.