Vero Scribe is built for clinicians, which means patient privacy is the foundation of the product — not a feature. This article summarizes the safeguards in place, the independent verification we've put Vero through, and the controls available to you.
Where Your Data Is Stored
Vero applies regional data localization:
Customers in Canada have their data stored in Canada.
Customers in the United States have their data stored in the United States.
Primary clinical data — encounters, notes, patient records, uploaded documents, audio — stays within your region. Certain supporting functions rely on third-party service providers whose infrastructure may operate in other jurisdictions; in every such case, a legally binding Data Processing Agreement (DPA) is in place requiring data-protection standards equivalent to or greater than our own. See our Privacy Policy for details.
Your data is logically isolated from every other user. Row-level security is enforced at the database layer, so queries can only return records belonging to the authenticated user. Our December 2025 independent penetration test confirmed no cross-tenant data exposure.
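As an added illustration of the row-level isolation described above (example code, not Vero's own schema or database), this is how such a policy is expressed in PostgreSQL; the table, column, role and setting names are assumptions, and the database engine itself is not stated on this page.

```sql
-- Added example (not Vero's code): PostgreSQL row-level security that limits
-- every query on a table to rows owned by the authenticated user.
-- Assumed names: table "encounters", owner column "user_id", application
-- role "app_user", and a per-transaction setting "app.current_user_id".

CREATE ROLE app_user NOLOGIN;

CREATE TABLE encounters (
    id      bigserial PRIMARY KEY,
    user_id uuid NOT NULL,
    note    text
);

-- Enable RLS and FORCE it so even the table owner cannot bypass the policy.
ALTER TABLE encounters ENABLE ROW LEVEL SECURITY;
ALTER TABLE encounters FORCE ROW LEVEL SECURITY;

-- The API sets the verified user's id for each transaction:
--   SET LOCAL app.current_user_id = '<uuid taken from the validated session>';
-- NULLIF(...) makes an unset or empty setting compare as NULL, so the policy
-- fails closed and returns no rows instead of everything.
-- USING filters SELECT/UPDATE/DELETE; WITH CHECK blocks writing rows that
-- would belong to another user.
CREATE POLICY encounters_owner_only ON encounters
    FOR ALL
    TO app_user
    USING      (user_id = NULLIF(current_setting('app.current_user_id', true), '')::uuid)
    WITH CHECK (user_id = NULLIF(current_setting('app.current_user_id', true), '')::uuid);

GRANT SELECT, INSERT, UPDATE, DELETE ON encounters TO app_user;

-- Cross-tenant check with constructed ids: acting as user A, an explicit
-- request for user B's rows is filtered by the policy rather than by the
-- application, which is the property a penetration test looks for.
BEGIN;
SET LOCAL ROLE app_user;
SET LOCAL app.current_user_id = '11111111-1111-1111-1111-111111111111';
SELECT count(*) FROM encounters
 WHERE user_id = '22222222-2222-2222-2222-222222222222';
COMMIT;
```

Because the filter lives in the database rather than in each query, a forgotten `WHERE user_id = ...` in application code cannot expose another clinician's records.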
Encryption
In transit: TLS 1.2 or higher is enforced for every connection. TLS 1.0 and 1.1 are disabled.
At rest: All storage is encrypted with AES-256. Database encryption uses Transparent Data Encryption (TDE).
Service-to-service: Mutual TLS is enforced between internal services.
Access Controls
Authentication: Email/password with optional two-factor authentication (TOTP), which you can enable from Settings → Account. We strongly recommend every clinician turn it on.
Session handling: Short-lived access tokens with refresh rotation. OAuth flows use PKCE.
Brute-force protection: Rate limiting and account lockout on authentication endpoints.
Independent Testing
Vero is verified by independent third parties, not just by ourselves.
| Assessment | Result | Timeline |
|---|---|---|
| Independent penetration test (NIST SP 800-115) | Low risk rating — 0 critical, high, or medium findings | Ongoing |
| Infrastructure vulnerability scan | 0 vulnerabilities at any severity; 96/100 security score | Ongoing |
| Security incidents | Zero in the past 365 days | Ongoing |
| SOC 2 Type II | In progress with an AICPA-qualified CPA firm; observation period targeted for completion June 2026 | Active |
Compliance Posture
HIPAA: Vero is aligned with the HIPAA Security Rule. Our December 2025 vulnerability scan confirmed 100% compliance with applicable HIPAA/HITRUST controls. Healthcare organizations that require a Business Associate Agreement (BAA) can request one from us (see Questions or Compliance Documentation below).
PIPEDA: 100% compliant with Canadian privacy requirements.
AI & Your Patients' Data
Vero uses artificial intelligence to help generate notes. We have strict rules about how that data is handled:
Under no circumstances is patient data or Sensitive Health Information used to train, develop, or improve Vero's proprietary AI models. This is a commitment in our Privacy Policy, not just a practice.
Patient data is encrypted throughout the AI pipeline. Our ongoing penetration tests confirmed no cross-tenant leakage and complete audit logging of all AI operations.
Prompt-injection defences and output validation are in place so untrusted content (such as pasted text or uploaded documents) cannot hijack a session.
Third-party AI providers used in our pipeline are bound by Data Processing Agreements that govern how they handle your data on our behalf.
Clinician Responsibility
Vero is a clinical documentation tool, not a medical device, and it does not provide medical advice. AI-generated output can occasionally be incomplete or inaccurate. You are professionally responsible for reviewing, verifying, and correcting every note before it is used or relied upon for any clinical purpose. For the full terms, see our Terms of Service, Section 9.
Your Rights and Controls
In the product, you can already:
Enable two-factor authentication in Settings → Account → Security.
Configure automatic deletion of encounters in Settings → Data Management (retention window from 1 to 365 days).
Delete any encounter, note, or patient from the record itself. Cascades remove associated notes, messages, and uploaded files.
Close your account through Account Settings, or by contacting us at [email protected].
We respond to verifiable requests within the timeframe required by applicable law. We may need to verify your identity before processing certain requests.
Continuous Monitoring
Vero runs 24/7 monitoring across the production environment — a Security Information and Event Management (SIEM) platform with healthcare-specific correlation rules, endpoint detection and response (EDR) on all compute resources, network flow logging, and continuous cloud posture management.
Questions or Compliance Documentation
We're happy to share documentation with your compliance or privacy team. For any of the following, email [email protected].
Business Associate Agreement (BAA) requests
Account deletion requests
Any other privacy, security, or compliance question
We take privacy personally. If you spot anything that concerns you, please tell us — we'd rather hear it from you than have it slip.
