Security & Compliance

Enterprise-Grade Security
You Can Rely On

Your patient data is protected with the same standards used by banks and healthcare systems. Security isn't an add-on — it's built into every layer.

🔒 AES-256 Encrypted
🏥 HIPAA Compliant
📜 SOC 2 Ready
🌎 GDPR & CCPA
💳 PCI Compliant
✅ 99.9% Uptime

Data Protection at Every Layer

Military-grade encryption protects your data whether it's stored, in transit, or being processed.

🔒

AES-256 Encryption at Rest

All stored data — patient records, booking details, conversation logs — is encrypted using AES-256, the same standard used by the U.S. government and financial institutions.

🛡

TLS 1.3 in Transit

Every connection between your browser and our servers is secured with the latest TLS 1.3 protocol. No data ever travels unencrypted.

🔐

Key Management

Encryption keys are managed through AWS KMS with automatic rotation. Keys are never stored alongside data and are hardware-protected.

🛠

Secure Infrastructure

Hosted on AWS with VPC isolation, security groups, and DDoS protection. Regular penetration testing and vulnerability scanning.

Compliance You Can Trust

Built for healthcare from day one. We meet the strictest compliance standards in the industry.

🏥

HIPAA

Full HIPAA compliance for protected health information. BAA available for healthcare customers.

Compliant
📜

SOC 2 Type II

Security controls aligned with AICPA's Trust Service Criteria for service organizations.

In Progress
🌎

GDPR

Full GDPR compliance. Data processing agreements, right to erasure, and data portability included.

Compliant
💳

PCI DSS

Payment processing meets PCI DSS Level 1 standards through our certified payment partners.

Compliant

Access Controls & Authentication

Granular permissions ensure the right people have access to the right data — nothing more.

🔐

Two-Factor Authentication (2FA)

Optional 2FA for all accounts. Supports authenticator apps for an extra layer of security on every login.

👥

Role-Based Access Control

Three distinct roles — Head Admin, Admin, Doctor — each with precisely scoped permissions. No over-privileged accounts.

📄

Audit Logging

Complete audit trail of all account actions. Track who changed what, when, and from where. Immutable and exportable.

📧

Session Management

JWT-based authentication with configurable session timeouts. Automatic logout on inactivity. Secure token storage.

You Own Your Data — Always

We never sell, share, or use your data for advertising. You maintain full ownership and control at all times.

  • Export all your data at any time (CSV, JSON)
  • Delete your account and all data with one click
  • Data processing agreement available on request
  • No data mining or third-party sharing
  • Data residency options for EU customers
  • Automatic data retention policies
  • Right to erasure (GDPR Article 17)
  • Regular data integrity verification

Infrastructure & Reliability

99.9% Uptime SLA

Guaranteed uptime with automated failover. Multi-AZ deployment on AWS ensures your chatbot is always available.

🔄

Automated Backups

Daily encrypted backups with 30-day retention. Point-in-time recovery ensures no data is ever lost.

Start Your Secure Free Trial

14 days free, no credit card required. Your data is protected from day one.

Start Free Trial →

ChatGeniusX

DEMO MODE
Hi! I'm ChatGenius at Smile Dental Clinic. I can help you book an appointment, answer questions, or check pricing. Try me out!