Vero Scribe is built for clinicians, which means patient privacy is a foundation of the product. This article summarizes the safeguards in place, independent verification, and controls available to you.
Where Your Data Is Stored
Vero applies regional data localization:
Customers in Canada have their data stored in Canada.
Customers in the United States have their data stored in the United States.
Primary clinical data, including encounters, notes, patient records, uploaded documents, and audio-derived transcripts, stays within your region. Certain supporting functions rely on third-party service providers whose infrastructure may operate in other jurisdictions; in those cases, contractual data-protection obligations are in place.
Your data is logically isolated from other customers' data. Row-level security is enforced at the database layer, so a query can only return records that belong to the authenticated user or fall within the organization scope that user is permitted to access; the restriction holds regardless of how the query was written by the application.
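As an added illustration of the database-layer isolation described above (example code written for this article, not Vero's own schema or policy): a PostgreSQL row-level-security policy that scopes every read and write to the organization bound to the authenticated session. The table, role, function and setting names (encounters, vero_app, current_org, app.org_id) and the seed rows are assumptions made for the example.

```sql
-- Added example, not Vero's schema. Names and sample rows are assumptions.
CREATE TABLE encounters (
    id         bigserial PRIMARY KEY,
    org_id     uuid NOT NULL,
    created_by uuid NOT NULL,
    note       text NOT NULL
);

-- Constructed sample data for two organizations, inserted as the table owner
-- before the policy is in force.
INSERT INTO encounters (org_id, created_by, note) VALUES
  ('11111111-1111-1111-1111-111111111111', 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa', 'org A note'),
  ('22222222-2222-2222-2222-222222222222', 'bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb', 'org B note');

-- The application role must not be the table owner, a superuser, or BYPASSRLS:
-- all three skip row-level security entirely.
CREATE ROLE vero_app LOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON encounters TO vero_app;
GRANT USAGE ON SEQUENCE encounters_id_seq TO vero_app;

ALTER TABLE encounters ENABLE ROW LEVEL SECURITY;
ALTER TABLE encounters FORCE ROW LEVEL SECURITY;   -- apply to the owner as well

-- current_org(): the organization id the backend binds to the transaction after
-- validating the session token. NULLIF maps an unset or empty setting to NULL,
-- so a request that forgot to bind an org matches no rows (fail closed)
-- instead of every row.
CREATE FUNCTION current_org() RETURNS uuid
LANGUAGE sql STABLE AS $$
  SELECT NULLIF(current_setting('app.org_id', true), '')::uuid
$$;

-- One policy covers reads (USING) and writes (WITH CHECK): the session can
-- neither see another organization's rows nor create or move a row into one.
CREATE POLICY encounters_org_isolation ON encounters
  FOR ALL TO vero_app
  USING (org_id = current_org())
  WITH CHECK (org_id = current_org());

-- Per-request pattern. SET LOCAL scopes both the role and the org id to this
-- transaction, so a pooled connection cannot carry them into the next request.
BEGIN;
SET LOCAL ROLE vero_app;
SET LOCAL app.org_id = '11111111-1111-1111-1111-111111111111';

-- Only org A's row is visible here, even though the query has no WHERE clause.
SELECT id, note FROM encounters;

-- Probing org B by org_id yields an empty result rather than an error, so the
-- caller learns nothing about whether such rows exist.
SELECT id FROM encounters
 WHERE org_id = '22222222-2222-2222-2222-222222222222';

-- A write that claims a different org_id is rejected by WITH CHECK with
-- "new row violates row-level security policy", which aborts the transaction.
INSERT INTO encounters (org_id, created_by, note)
VALUES ('22222222-2222-2222-2222-222222222222',
        'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa', 'cross-tenant write');
ROLLBACK;
```

To try this, run the whole script as a database superuser in a scratch database; the superuser can SET LOCAL ROLE to vero_app without a password. Two checks a practitioner should add in a real deployment: confirm the role the application actually connects with is not a superuser and does not have BYPASSRLS (SELECT rolsuper, rolbypassrls FROM pg_roles WHERE rolname = 'vero_app'), and make sure every code path sets app.org_id inside the transaction, since the policy above deliberately returns nothing when it is missing. A per-user restriction inside an organization can be added as a second predicate on created_by against a similarly bound app.user_id setting.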
Encryption
In transit: TLS 1.2 or higher is enforced for every connection.
At rest: Storage is encrypted using industry-standard controls, including AES-256 where applicable.
Access controls: Encryption does not replace authorization. Clinical data access still requires an authenticated session and record-level authorization (see Access Controls below).
Access Controls
Authentication: Email/password and optional multi-factor authentication (TOTP). You can enable MFA from Account → Security.
Session handling: Sessions use modern token-based authentication controls.
Account security: Authentication endpoints include protection against abuse and suspicious access patterns.
Independent Testing
Vero is verified by independent third parties, not just internally.
| Assessment | Result | Status |
| --- | --- | --- |
| Independent penetration testing | Low risk rating; no critical, high, or medium findings reported in the latest assessment | Ongoing |
| Infrastructure vulnerability scanning | Continuous scanning with a remediation workflow | Ongoing |
| SOC 2 Type II | In progress with an AICPA-qualified CPA firm | Active |
Compliance Posture
HIPAA: Vero is aligned with HIPAA Security Rule safeguards. Healthcare organizations that require a Business Associate Agreement can contact us.
PIPEDA: Vero is built to support Canadian privacy requirements, including data localization for Canadian customer data and contractual controls for subprocessors.
PHIPA: Vero supports PHIPA-aligned workflows for Ontario healthcare settings, including regional data storage, access controls, encryption, retention controls, and no model training on patient data. See PHIPA and Ontario Health Privacy.
AI & Patient Data
Vero uses AI to help generate notes, answer clinical questions, and support documentation workflows. Patient data is handled under strict rules:
Patient data and sensitive health information are not used to train, develop, or improve Vero's proprietary AI models.
Patient data is protected throughout the AI pipeline.
Prompt-injection defenses and output validation help prevent instructions embedded in untrusted pasted text or uploaded documents from hijacking a session; such content is treated as data to be summarized, not as commands to the assistant.
Third-party AI providers used in the pipeline are bound by contractual data-protection obligations.
Clinician Responsibility
Vero is a clinical documentation and decision-support tool, not a medical device. AI-generated output can occasionally be incomplete or inaccurate. Clinicians are professionally responsible for reviewing, verifying, and correcting every note or answer before it is used for clinical care or documentation.
Your Rights and Controls
In the product, you can:
Enable MFA from Account → Security.
Configure automatic deletion from Account → Security → Data retention: choose a retention window between 1 and 365 days, after which data older than the window is deleted automatically.
Delete encounters, notes, chats, uploads, or patients when they are no longer needed.
Request account deletion or privacy assistance by contacting Vero.
We may need to verify your identity before processing certain requests.
Continuous Monitoring
Vero runs ongoing monitoring across the production environment, including logging, alerting, infrastructure monitoring, and security review processes.
Questions or Compliance Documentation
For compliance documentation, BAA requests, account deletion requests, or privacy and security questions, email [email protected].
If you spot anything that concerns you, please tell us.
