We are committed to protecting your firm's sensitive data with enterprise-grade security, compliance, and data protection measures built into every layer of our service.
All data transmitted between your device and our servers is encrypted using industry-standard Transport Layer Security (TLS) 1.2 or higher with 256-bit encryption. This ensures that your data is protected from eavesdropping or man-in-the-middle attacks.
All your data, including case information and metadata, is encrypted at rest using AES-256 encryption. Your documents are stored in your own Google Drive, inheriting Google's world-class encryption standards.
CoreText uses Google Workspace for authentication via OAuth 2.0. This means we do not store passwords. You benefit from Google's robust security measures, including multi-factor authentication (MFA), login alerts, and centralized identity management.
Our integration with Google Workspace follows the principle of least privilege. We only request access to the specific Google Drive and Gmail data necessary to provide our services. We never request broad, account-wide permissions.
CoreText is built on Google Cloud Platform (GCP), the same infrastructure that powers Google's own products. We leverage GCP's extensive security features, including advanced threat detection, secure data centers, and a global private network.
CoreText is designed to help you meet your HIPAA obligations. We have implemented the necessary administrative, physical, and technical safeguards to protect electronic Protected Health Information (ePHI). We are prepared to sign a Business Associate Agreement (BAA) with covered entities.
Our infrastructure on Google Cloud Platform is SOC 2 Type II certified. We are committed to achieving our own SOC 2 Type II certification to provide an independent audit of our security, availability, and confidentiality controls.
We are committed to working with security researchers to identify and resolve potential vulnerabilities. If you believe you have found a security issue in our service, please email us at security@coretext.cloud. We will investigate all reports and do our best to quickly address valid issues.
If you have any questions about our security practices, please contact us: