Security

Last updated: January 2026

Case Insight360 is built with a security‑first architecture designed for litigation teams handling sensitive and confidential information.

1. Our Security Principles

We design every part of Case Insight360 around four core principles:

  • Confidentiality — Your documents and case data remain private and isolated.
  • Integrity — Data is processed accurately and protected from unauthorized modification.
  • Availability — The platform is engineered for reliability and consistent access.
  • Transparency — You always know how your data is handled and protected.

2. Encryption

Encryption in Transit

All data transmitted between your browser, our servers, and storage systems is protected using industry‑standard HTTPS/TLS encryption.

Encryption at Rest

Documents, extracted text, and case data are encrypted at rest using cloud‑provider encryption. Backups and snapshots are also encrypted.

3. Case‑Level Isolation

Each case is stored and processed in its own isolated environment. This prevents:

  • cross‑matter exposure
  • accidental mixing of facts
  • unauthorized access to unrelated cases

Isolation applies to documents, extracted text, embeddings, and AI‑generated outputs.

4. Access Controls

We use role‑based access controls (RBAC) to ensure only authorized users can view or manage case materials.

Controls include:

  • unique user accounts
  • secure password requirements
  • optional two‑factor authentication (TOTP)
  • least‑privilege access for internal operations

Administrative access is strictly limited and monitored.

5. AI Processing & Data Handling

AI processing is performed within your case boundary. We do not:

  • use your documents to train external models
  • share your data with third‑party AI providers
  • mix your data with other customers' data

Your documents remain your property at all times.

6. Infrastructure Security

Case Insight360 is hosted on secure, U.S.-based cloud infrastructure with:

  • network‑level firewalls
  • DDoS protection
  • automated patching
  • encrypted storage
  • secure key management

We rely on cloud‑provider best practices for physical and environmental security.

7. Audit Logging

We maintain audit‑friendly logs to support:

  • internal review
  • security investigations
  • compliance workflows

Logs include authentication events, system activity, and administrative actions.

8. Continuous Security Hardening

Security is an ongoing process. We regularly:

  • update dependencies
  • review access controls
  • monitor for vulnerabilities
  • improve internal security practices
  • refine isolation and sandboxing mechanisms

As the platform evolves, so do our safeguards.

9. HIPAA‑Ready Infrastructure

While Case Insight360 is not a covered entity, our infrastructure supports workflows involving protected health information (PHI) by providing:

  • encryption in transit and at rest
  • access controls
  • audit logging
  • isolated processing

This enables legal teams handling healthcare‑related matters to use the platform responsibly.

10. Data Retention & Deletion

You control your data. Upon request, we will:

  • delete documents
  • remove case data
  • close accounts
  • purge associated content from active systems

Backups are removed according to standard retention schedules.

11. Report a Security Concern

If you believe you've discovered a security issue, please contact us immediately at:

security@caseinsight360.com

We take all reports seriously and will respond promptly.