HIPAA-aligned
Security at ClinDraft
ClinDraft is built to handle protected health information with the safeguards a regulated mental-health practice requires. Below is the list of controls that are in place today, written for clinicians evaluating us — not a marketing pitch.
Encryption at rest (AES-256-GCM)
Sensitive clinical data — session notes, transcriptions, and contact notes — is encrypted at the field level using AES-256-GCM before being written to the database. Disk-level encryption adds a second layer.
Encryption in transit (TLS 1.2+)
All connections between your browser, our APIs, and our database are encrypted with TLS 1.2 or higher. Older protocols are refused.
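What "older protocols are refused" looks like in code, as an added example (not ClinDraft's own server code): a Go tls.Config with the weak setting beside the corrected one, and an in-process handshake check that a client offering at most TLS 1.1 is turned away while a TLS 1.2 client connects. The host name api.example.test, the self-signed certificate and the in-memory pipe are assumptions made for the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSignedCert issues a throwaway certificate for the hypothetical host
// api.example.test so the handshake can run in-process. Test scaffolding only;
// a real service presents a CA-issued certificate.
func selfSignedCert() (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "api.example.test"},
		DNSNames:     []string{"api.example.test"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, nil
}

// HardenedServerConfig is the corrected setting: nothing below TLS 1.2 is
// negotiated. MinVersion is the whole control; the rest of this file checks it.
func HardenedServerConfig(cert tls.Certificate) *tls.Config {
	return &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: tls.VersionTLS12}
}

// LegacyServerConfig is the weak setting, shown for contrast: it still
// negotiates TLS 1.0 and 1.1 with an old client.
func LegacyServerConfig(cert tls.Certificate) *tls.Config {
	return &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: tls.VersionTLS10}
}

// Handshake runs a client that offers at most clientMax against the given
// server config over an in-memory pipe (no network). It returns the negotiated
// version, or the error produced when the server refuses the client.
func Handshake(server *tls.Config, clientMax uint16) (uint16, error) {
	cconn, sconn := net.Pipe()
	defer cconn.Close()
	defer sconn.Close()
	roots := x509.NewCertPool()
	roots.AddCert(server.Certificates[0].Leaf)
	client := &tls.Config{
		RootCAs:    roots,
		ServerName: "api.example.test",
		MinVersion: tls.VersionTLS10, // the client deliberately tolerates old versions
		MaxVersion: clientMax,        // and offers nothing newer than clientMax
	}
	srvErr := make(chan error, 1)
	go func() { srvErr <- tls.Server(sconn, server).Handshake() }()
	c := tls.Client(cconn, client)
	if err := c.Handshake(); err != nil {
		cconn.Close() // unblock the server side before collecting its result
		<-srvErr
		return 0, err
	}
	if err := <-srvErr; err != nil {
		return 0, err
	}
	return c.ConnectionState().Version, nil
}

func main() {
	cert, err := selfSignedCert()
	if err != nil {
		panic(err)
	}
	for _, srv := range []*tls.Config{LegacyServerConfig(cert), HardenedServerConfig(cert)} {
		for _, max := range []uint16{tls.VersionTLS11, tls.VersionTLS12} {
			v, err := Handshake(srv, max)
			fmt.Printf("server min %#x, client max %#x: negotiated %#x err=%v\n", srv.MinVersion, max, v, err)
		}
	}
}
```

The only line that implements the control is MinVersion; everything else exists to prove it. The same check belongs in CI against the real endpoint, because a load balancer or CDN placed in front of the API terminates TLS itself and can quietly re-enable TLS 1.0 regardless of what the application server refuses.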
Role-based access control
Owner, practitioner, and helpdesk roles each see only what they need. Row-level security policies enforce team-scoped access on every database query: even if a query is written incorrectly or omits a team filter, rows belonging to another team cannot be returned.
Audit logs on PHI mutations and reads
Changes to sensitive records are written to immutable audit tables. Reads of protected health information are logged on six backend services so we can answer "who saw what, and when".
PHI redaction in logs
Application logs are scrubbed of patient identifiers and clinical content before they are written. Info-level logs contain no protected health information.
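One way to build the scrub-before-write step, as an added example rather than ClinDraft's logging code: a Go log wrapper that applies a deny-by-default allowlist to structured fields and a regular-expression backstop to free text. The field names, the allowlist and the sample log entry are assumptions constructed for the example.

```go
package main

import (
	"encoding/json"
	"regexp"
)

// allowedKeys is a deny-by-default allowlist of structured fields that may
// reach the log sink. Everything else is replaced with a marker rather than
// dropped, so the entry still shows that a field was present.
var allowedKeys = map[string]bool{
	"request_id": true, "team_id": true, "record_id": true, "service": true,
	"action": true, "status": true, "latency_ms": true,
}

const redacted = "[REDACTED]"

// identifierPatterns catch common patient identifiers that end up in free
// text. They are a backstop, not the control: names and clinical sentences
// cannot be pattern-matched, so they must never be put in a message string.
var identifierPatterns = []*regexp.Regexp{
	regexp.MustCompile(`[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}`), // email
	regexp.MustCompile(`\b\d{3}[-.]\d{3}[-.]\d{4}\b`),                       // phone
	regexp.MustCompile(`\b\d{3}-\d{2}-\d{4}\b`),                             // SSN
	regexp.MustCompile(`\b\d{4}-\d{2}-\d{2}\b`),                             // bare date (possible DOB)
}

// ScrubText replaces identifier-shaped substrings in free text.
func ScrubText(s string) string {
	for _, re := range identifierPatterns {
		s = re.ReplaceAllString(s, redacted)
	}
	return s
}

// RedactFields applies the allowlist to structured fields. Allowed string
// values are still scrubbed, since even a permitted field can carry text.
func RedactFields(fields map[string]any) map[string]any {
	out := make(map[string]any, len(fields))
	for k, v := range fields {
		if !allowedKeys[k] {
			out[k] = redacted
			continue
		}
		if s, ok := v.(string); ok {
			out[k] = ScrubText(s)
		} else {
			out[k] = v
		}
	}
	return out
}

// LogLine renders one JSON log entry with redaction applied to both the
// message and the fields. This should be the only path that reaches the sink.
func LogLine(level, msg string, fields map[string]any) (string, error) {
	entry := RedactFields(fields)
	entry["level"] = level
	entry["msg"] = ScrubText(msg)
	b, err := json.Marshal(entry)
	if err != nil {
		return "", err
	}
	return string(b), nil
}
```

The allowlist is the real control: a newly added field is redacted until someone consciously permits it. The regex pass is only a safety net; it cannot recognise a patient's name or a sentence from a transcript, which is why clinical content must never be placed in a message string, and why a check like this belongs in a test that fails the build when a log line contains a known sample identifier.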
Data retention and automated purge
Clinical notes are retained for 6 years, in line with healthcare record-keeping requirements. Audio recordings are retained for 1 year. Older records are purged on a defined schedule, and you can also request deletion earlier.
Crypto-shredding on account deletion
When you delete an account, the encryption keys for that account are destroyed. The encrypted data — even in backups — becomes permanently unrecoverable.
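Field-level AES-256-GCM (described under encryption at rest above) and crypto-shredding are two halves of one key-management design: a per-account data key seals every sensitive field, and destroying that key is what makes the ciphertext, including copies in backups, unrecoverable. As an added example (not ClinDraft's code), here is that design in Go, with the associated data binding each ciphertext to its row and column. The in-memory key store and the account, record and column names are assumptions for the demo; a real deployment keeps the keys wrapped in a KMS or HSM.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM returns an AES-256-GCM AEAD for a 32-byte key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// gcmSeal encrypts plaintext and binds aad to it. Output is 12-byte random
// nonce || ciphertext || 16-byte tag. Random nonces are safe only for far
// fewer than 2^32 messages per key, so keys must rotate long before that.
func gcmSeal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// gcmOpen reverses gcmSeal; a wrong key, a modified byte or different aad fails.
func gcmOpen(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short (%d bytes)", len(sealed))
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// KeyStore holds one 256-bit data-encryption key per account. Assumption for
// this example: keys sit in memory. In production they are wrapped by a KMS
// or HSM master key and stored apart from the clinical data and its backups.
type KeyStore struct {
	keys map[string][]byte // accountID -> DEK
}

func NewKeyStore() *KeyStore { return &KeyStore{keys: map[string][]byte{}} }

// Provision creates a fresh random DEK for an account.
func (ks *KeyStore) Provision(accountID string) error {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil {
		return err
	}
	ks.keys[accountID] = dek
	return nil
}

func (ks *KeyStore) dek(accountID string) ([]byte, error) {
	if dek, ok := ks.keys[accountID]; ok {
		return dek, nil
	}
	return nil, fmt.Errorf("no key for account %q (never provisioned or shredded)", accountID)
}

// Shred is the crypto-shredding step: zero the DEK and drop it. Every field
// sealed under it, in backups too, is now permanently undecryptable.
func (ks *KeyStore) Shred(accountID string) {
	for i := range ks.keys[accountID] {
		ks.keys[accountID][i] = 0
	}
	delete(ks.keys, accountID)
}

// fieldAAD ties a ciphertext to its account, row and column, so a value
// copied into another row or column (by a bug or an attacker) will not open.
func fieldAAD(accountID, recordID, field string) []byte {
	return []byte(accountID + "\x00" + recordID + "\x00" + field)
}

// EncryptField seals one column value before it is written to the database;
// DecryptField opens a value read back from it.
func (ks *KeyStore) EncryptField(accountID, recordID, field string, plaintext []byte) ([]byte, error) {
	dek, err := ks.dek(accountID)
	if err != nil {
		return nil, err
	}
	return gcmSeal(dek, plaintext, fieldAAD(accountID, recordID, field))
}

func (ks *KeyStore) DecryptField(accountID, recordID, field string, sealed []byte) ([]byte, error) {
	dek, err := ks.dek(accountID)
	if err != nil {
		return nil, err
	}
	return gcmOpen(dek, sealed, fieldAAD(accountID, recordID, field))
}
```

Two details are worth checking in any implementation of this pattern. First, the associated data: without it a ciphertext can be copied from one patient's row into another's and still decrypt. Second, where the keys live: a backup that contains both the ciphertext and the keys (or the key that wraps them) is not shredded when the live key table is, so backups must hold ciphertext only, or the wrapping key must itself be destroyable.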
Inactivity timeout (15 minutes default)
Sessions log out automatically after a period of inactivity. The default is 15 minutes, and each practitioner can set it anywhere from 15 minutes up to 4 hours. This implements the automatic logoff specification in 45 CFR 164.312(a)(2)(iii).
Business Associate Agreements
We are progressively signing Business Associate Agreements with our subprocessors (database, transcription, AI, email). Until that work is complete, we describe ClinDraft as HIPAA-aligned rather than making a full HIPAA compliance claim. We will update this page as each agreement is finalised. If you are evaluating ClinDraft for a HIPAA-regulated practice and need to see the current BAA status, contact us — we will share what we have.
More questions? See our FAQ or contact us.