Trust and Security
Inspira collects and stores data from employee computing devices, which we take professional measures to protect, as described herein.
In close coordination with a client’s technical team, data collection and usage are always in compliance with local laws and regulations, including GDPR, CCPA and HIPAA.
We only use language models controlled and hosted within the United States, by companies incorporated in the United States.
Subprocessors
- Amazon Web Services
- Anthropic
- Auth0
- Google Workspace
- Google Cloud Platform
- Grok AI
- Langfuse
- OpenAI
Data Security
In-Transit Data Encryption
In-transit data is encrypted using the SSL or TLS protocol.
In-transit encryption refers to protecting data while it is being transmitted between systems, such as from a user’s device to a web server or between servers. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cryptographic protocols we rely upon for this protection.
How SSL/TLS Works:
- Handshake: When a device initiates a connection with a server, an SSL/TLS handshake occurs. During this process, the device and server agree on the version of SSL/TLS to use, exchange cryptographic keys, and authenticate each other.
- Symmetric Key Exchange: A symmetric encryption key is generated and securely exchanged between the device and server using asymmetric encryption. This key will be used to encrypt and decrypt the data transmitted during the session.
- Data Encryption: All data transmitted between the device and server is encrypted using the symmetric key. This ensures that even if the data is intercepted, it cannot be read without the key.
- Data Integrity: SSL/TLS includes mechanisms to ensure the integrity of the data transmitted. This means that any unauthorized modification of the data during transit will be detected.
At-Rest Data Encryption
Data is stored within the infrastructure of Amazon Web Services (AWS) and Google Cloud Platform (GCP).
Physical Security:
- AWS and GCP data centers are designed with robust physical security measures, including restricted access, surveillance, environmental controls, and redundant power and network connectivity.
Data Encryption:
- GCP provides industry-standard algorithms and key management systems. For production data, we use GCP’s KMS to manage keys.
Compliance:
- AWS & GCP maintain a broad set of compliance certifications and attestations, including SOC 2, ISO 27001, HIPAA, GDPR, and more.
Data Durability and Availability:
- AWS & GCP provide high durability and availability storage, designed to protect data from loss or downtime, including redundant storage across multiple facilities and automatic backups to ensure that data remains accessible even in the event of hardware failures.
Network Security:
- We use network security controls, including firewalls, intrusion detection systems, and DDoS protection, to safeguard data from unauthorized access and attacks.
Access Controls:
- Data access is limited to a small number of select DevOps and SysAdmin engineers, solely to maintain security and improve systems. Team member security protocols are further firewalled through unique IP filters.
Data Minimization:
- If a client ceases to be a client, they may request that any data collected in the course of our relationship be anonymized, meaning the remaining data will have been altered so much that it cannot be associated with any specific company or employee.