Security
Architecture of Trust
Clinical data is protected at the highest level — security is an integral element of system architecture.
European Infrastructure
All data is stored exclusively on Microsoft Azure servers in the European Union (EU West — Netherlands, Ireland). No data is transferred outside the European Economic Area.
Therapist at the Center
AI supports material analysis but does not make clinical decisions. Azure OpenAI operates in inference mode, without memorizing data. Full control over documentation remains with the therapist.
Data Vault
Each patient has a separate, fully isolated data container. One patient's data does not mix with another's — neither logically nor physically.
Multi-layered Protection
We use security standards applied in banking and healthcare.
End-to-end Encryption
Data transmission is secured by TLS 1.2+ (HTTPS) protocol. Data is stored using Transparent Data Encryption (Azure SQL). Backups are encrypted and geo-redundant.
Data Isolation
Each patient has a separate data container. Logical and infrastructural separation ensures a high level of privacy.
Access Control
Multi-level authorization and authentication restrict access exclusively to authorized persons. Access scope can be managed precisely.
Audit & Logs
Full access and change history is recorded. Daily automatic backups are performed with data recovery capability.
Standards
The system operates in compliance with applicable European and international regulations. Only the therapist has access to therapy session content.
GDPR
Full compliance with the General Data Protection Regulation.
AI Act
Compliance with the European Artificial Intelligence Act.
ISO 27001
International standard for information security management.