diagnoVET logo - AI for Animal Health
Security

Built for clinical-grade trust.

Patient data, veterinarian sign-off, and audit trails are first-class concerns on diagnoVET, not afterthoughts. The detail below is what we ship today.

01

Data encrypted in transit and at rest

All DICOM ingest and report storage runs over TLS. At-rest data uses AES-256. Keys are managed in a dedicated KMS.

02

Workspaces are isolated

Cases, templates, findings libraries, and signed reports belong to your workspace. No cross-workspace leakage. Permissions follow the case, and roles control administrative access, report signing, and case visibility.

03

Every report is a draft until a veterinarian signs

The platform produces drafts. The veterinarian reviews, edits, and signs. The signed PDF carries the credentialed sign-off. Nothing leaves the platform without one.

04

Field-level audit log on every report

Every change to a report is recorded as an immutable snapshot with user, timestamp, and the fields changed. The history is visible inside the case and survives deletion or restoration.

05

Human-in-the-loop architecture

Methodology disclosed, limitations published, posture stated. Findings are produced where the images support them. Indeterminate views are surfaced as indeterminate, not pushed into a category they do not belong in.

06

Data residency posture

Studies are stored in a cloud environment dedicated to clinical workloads. Signed URLs are used for any external share.

How we earn skepticism

What we publish. What we won't claim until it's true.

The fastest way to over-promise on security is to use the right adjectives without doing the work. Here is what diagnoVET commits to today, and what it will not say it is until the work has been done and audited.

What the platform does today

  • Field-level audit log

    Every change to a report is logged with user, timestamp, and field-level diff. The history is exportable.

  • Workspace isolation

    Cases, templates, and signed reports belong to the workspace. No cross-workspace leakage.

  • AES-256 at rest, TLS in transit

    Industry-standard encryption end to end. Keys live in a dedicated KMS.

  • Immutable diff history

    Each report version is a snapshot. Deletions and restorations are tracked, not lost.

  • Conservative drafting on uncertain views

    Indeterminate views are surfaced as indeterminate, not pushed into a category they do not belong in.

  • Drafts until a veterinarian signs

    Nothing leaves the platform unsigned.

What we won't claim until it's true

  • SOC 2 Type 2 certified

    Not certified yet. We will claim it once the audit completes and we can show you the report.

  • HIPAA-compliant

    We will not call diagnoVET HIPAA-compliant in the abstract. We are happy to walk through the relevant controls under NDA.

  • FDA-cleared

    Not cleared. diagnoVET is a clinician-assistive draft, not a regulated medical device.

  • GDPR-compliant

    Not asserted. The platform follows GDPR-relevant controls; the legal claim waits for counsel review.

A list with negatives at the bottom is uncomfortable for marketing. It is honest. When a claim is ready to move from the right column to the left, it will move only after the work and an audit support it.

For a security review, vendor questionnaire, or documentation request, contact us. We respond within one business day.

Request security review Back to home