ABSON.aiABSON.ai
Why ABSONPortalsPlatformDirectorySecurityPricingTeamDemo
Security & Compliance

Built for privileged materials. Built for healthcare.

Built for firms that handle privileged materials and protected health information.

HIPAAHITRUSTSOC 2Zero Retention
The Four Pillars

How ABSON protects privileged work.

Four control surfaces — data protection, privilege isolation, AI data handling, and access & audit — each enforced at the platform layer.

01Data Protection

Encryption and infrastructure.

  • AES-256 encryption at rest, TLS 1.3 in transit
  • Customer-managed keys via Azure Key Vault
  • US-based Azure infrastructure
  • Annual penetration testing
02Privilege & Work Product

Isolation by default.

  • Matter-level data isolation
  • Conflict wall capability
  • Expert work product private by default
  • Certified deletion with confirmation
03AI Data Handling

Zero retention.

  • Zero-retention LLM API
  • No model training on client data
  • No third-party repository for subpoena
  • Minimum context per query
04Access & Audit

Every action logged.

  • Multi-factor authentication required
  • RBAC with firm-level IP allowlisting
  • Immutable 7-year audit trail
  • 99.5% uptime SLA with service credits
How isolation works

Three portals. Zero crossover.

Every portal operates in its own walled environment. No case data, work product, or analytical output crosses between sides.

Tenant Isolation

Each portal runs in a separate data environment. Plaintiff, defense, and IME workspaces never share storage, compute, or access credentials.

Conflict Checking

Automated screening prevents the same matter from appearing in opposing portals. Conflicts are flagged before case data enters the system.

Access Controls

Role-based permissions ensure each user sees only the cases, documents, and outputs assigned to their portal and practice.

Audit Trail

Every query, document access, and generated output is logged with timestamps, user identity, and portal origin for full traceability.

SOC 2 Type II · HIPAA Compliant · 256-bit AES encryption at rest and in transit
Certifications & Posture

The answer to every IT question.

The short version of the security posture, suited for your IT team's intake form.

HIPAACompliant
HITRUSTAligned
SOC 2Compliant Cloud
AzureUS Infrastructure
BAAAll Subprocessors
Zero RetentionAI Processing
For Your IT Team

Technical security details.

A reviewer-ready summary of the platform's technical security architecture, suitable for paste into a vendor security questionnaire.

Infrastructure

Microsoft Azure US regions.

Encryption

Customer-managed encryption keys through Azure Key Vault. AES-256 at rest, TLS 1.3 in transit.

Identity

Azure AD integration with SAML 2.0 SSO. OAuth 2.0 API authentication with scoped tokens.

Isolation

Case-level data isolation enforced at the database query layer. Vector search scoped to single case partitions.

Audit

Immutable audit trail with cryptographic integrity, 7-year retention.

AI

Zero-retention AI API configuration contractually enforced.

Testing

Annual penetration testing with remediation tracking.

Have a security review in flight? We can answer it.

Request the full technical security package for your IT team's vendor review.

Request a Demo Download the brief
ABSON.ai — AI Medical Record Review