Home
LeafNote Trust Center

Security You Can Verify

LeafNote is built on a Zero-Trust security architecture designed specifically for clinical healthcare data. Here's exactly how we protect your patients.

1. How We Protect Your Patients

PII Scrubbing & Encryption

Client-Side PII Scrubbing

Patient names, SSNs, phone numbers, emails, and addresses are automatically redacted in your browser before any data leaves your device. The AI never sees identifying information.

AES-256-GCM Encryption

All clinical text is encrypted at the application level using AES-256-GCM before database storage. Even if the database were compromised, the data is unreadable without the encryption key.

2. How We Ensure Clinical Accuracy

Anti-Hallucination Guardrails

BYOK (Bring Your Own Key)

Enterprise clients can use their own Anthropic API key, maintaining full ownership of the AI data pipeline and their existing BAA arrangements.

Anti-Hallucination Guardrails

AI temperature is locked at 0.0 for maximum determinism. The system prompt strictly forbids the AI from inventing symptoms, diagnoses, or patient history not present in your notes.

3. Enterprise Compliance

HIPAA Technical Safeguards & BYOK

Row-Level Security Isolation

Every database query is enforced at the PostgreSQL level to ensure therapists can only access their own records. There is no database-level path to another user's data.

Zero-Retention Transit

Clinical text exists only in server memory during AI processing. No logging, no caching, no temporary files. Data is garbage-collected immediately after the response.

HIPAA Technical Safeguards

Encryption at Rest

AES-256-GCM application-level encryption

Encryption in Transit

TLS 1.3 enforced via HSTS headers

Access Controls

Row-Level Security with per-user isolation

Audit Logging

Append-only audit trail for all data access

Session Management

15-minute idle auto-logout

Data Residency

US-based data centers (AWS us-east-1)

Clinician's Bill of Rights

Your data is never held hostage. As a LeafNote user, you have the unconditional right to:

  • Export your data at any time — download all SOAP notes as CSV with a single click
  • Delete your account and data — full deletion with 30-day grace period for recovery
  • Use your own AI key (BYOK) — maintain full ownership of the data pipeline
  • Cancel without penalty — no lock-in contracts, cancel anytime from your dashboard

Ready to try the most secure clinical AI platform?

7-day free trial. No lock-in. Enterprise-grade security from day one.