ForensicShield treats your reports the way the next auditor or plaintiff’s attorney would expect them to be treated. Encryption you cannot weaken without rewriting the codebase, audit logs you cannot quietly edit, and a default of failing closed when something unexpected happens.
Every tile below maps to verifiable artifacts: CloudWatch alarm counts, KMS key inventory, audit log retention configuration, and IR plan version numbers. Enterprise prospects can request the 90-day evidence pack below.
ForensicShield’s AI positioning is also its security posture. Because the platform is a preparation tool used by the credentialed expert before testimony — not a system that makes or influences clinical conclusions — its threat model is narrower, its audit surface is smaller, and its regulatory obligations under emerging state AI laws are reduced.
All production Claude API calls go through AWS Bedrock, never the Anthropic Direct API. The same Business Associate Agreement that covers the database covers AI inference. Anthropic never receives, processes, or stores report content.
Bedrock invocation logging is enabled with text_data_delivery_enabled = false — model input/output is not persisted to S3 by AWS.
Every Bedrock inference generates an application-layer audit row capturing: call ID, analysis pass type, token counts (input and output), model ID, outcome, and timestamp. CloudTrail Bedrock data events provide a second independent log at the AWS layer.
15 prompt-injection payloads are tested against the analysis pipeline on every significant change. Report content is treated as data, not instructions — wrapped in XML delimiters and processed through a multi-pass chain with no opportunity for injected instructions to alter pipeline behavior.
Texas TRAIGA, Colorado AI Act (SB 24-205), and Utah AIPA each impose disclosure obligations on AI deployers. ForensicShield’s prep-tool architecture reduces deployer obligations under all three: the platform supports the forensic expert’s own review process, not consequential decisions affecting evaluees.
See Forensic Framework Alignment for the full state AI law analysis.
AI documentation: Model Card — accuracy rates, known limitations, and construct-adequacy constraints — and the NIST AI RMF Crosswalk are published for enterprise review. Both follow the NIST AI RMF Generative AI Profile (NIST AI 600-1).
Every PHI field is encrypted at the application layer before it touches the database. We use AES-256-GCM with envelope encryption: a unique data encryption key per operation, zeroed from memory after use, protected by a customer-managed master key in AWS KMS that rotates every 365 days and never leaves AWS hardware.
If you work at a multi-evaluator practice, you are not sharing tables with strangers. Every query is scoped to your organization at two independent layers: the application code filters by your org ID, and PostgreSQL Row-Level Security policies enforce the same restriction at a layer the application cannot bypass.
Multi-factor authentication is mandatory — not an optional Security tab. The application checks the MFA claim on every request and fails closed if it cannot prove you passed. Sessions time out after 15 minutes of server-enforced inactivity. Every access is captured in an append-only audit log.
When something breaks, engineers need diagnostic information — but they do not need patient names. Every error report runs through a multi-layer scrubber that strips request bodies, removes any field ending in _encrypted, and scans free text for SSNs, dates of birth, addresses, MRNs, ICD-10 and DSM-5 codes, and psychological test score patterns. If the scrubber fails, the error report is dropped.
Four stages, one security boundary. Anthropic’s model runs inside AWS Bedrock — your report never leaves AWS infrastructure.
Your browser sends the report over TLS 1.2/1.3. AWS WAF inspects the request before it reaches the application.
TLS encryptedApplication-layer AES-256-GCM with a unique key per operation, wrapped by a customer-managed AWS KMS master key.
AES-256-GCMClaude runs inside AWS Bedrock — the same security boundary as the database. Anthropic never receives your data.
AWS BedrockFindings encrypted with the same envelope scheme. Every view, export, and edit is captured in the append-only audit log.
Audit loggedSteps 2 through 4 happen entirely inside the AWS security boundary. No PHI is sent to Anthropic, OpenAI, Google, or any other AI vendor. AWS Bedrock is covered by the same Business Associate Agreement that covers our database and storage.
Compare this to platforms with separate BAAs across OpenAI, Anthropic, Pinecone, Redis Cloud, and three analytics vendors. We architected the platform to keep that list at one.
| Subprocessor | Role | BAA | PHI Access |
|---|---|---|---|
Amazon Web Services (AWS) | All compute, storage, database, AI inference (Bedrock), KMS, logging | Signed | Full — only subprocessor with PHI access |
Clerk | Authentication and MFA | Not required | Practitioner identifiers only (email, name) |
Stripe | Billing and subscription management | Not required | Organization email, tier, internal ID — no clinical content |
CourtListener | Case-law citation verification | Not required | Formatted citation strings only |
LegiScan, Open States | Public legislative data | Not required | Read-only public data, no outbound PHI |
Anthropic is NOT a subprocessor. Their model runs inside AWS Bedrock, covered by the same AWS Business Associate Agreement that covers our database and storage. Anthropic never receives, processes, or stores your report content.
For the complete vendor list, see our subprocessors page.
Every customer organization signs a BAA with ForensicShield before uploading. It is not a checkbox buried in a Terms of Service — it is a separate, scroll-to-the-bottom acknowledgment inside the application, recorded with your identity, a timestamp, and a cryptographic hash of the exact text you saw. If the BAA is ever revised, you re-accept the new version before you can continue.
Our own upstream BAAs are in place before we ever touch PHI. AWS is signed; the rest of our stack does not handle PHI and does not require one.
Security testing at ForensicShield runs continuously, weekly, monthly, on every commit, and on every alarm.
Lint, type-check, full automated test suite, migration integrity check, and a dependency vulnerability audit that blocks merges if any dependency has a known high or critical severity finding.
OWASP ZAP DAST scans run every Sunday against the deployed platform. Findings are reviewed and tracked in a version-controlled rules file with explicit suppression justifications.
Backup restore verification runs on the first of every month, restoring the latest snapshot to an isolated environment, validating it, and cleaning up. Failures raise an alarm.
Inspector v2 scans every container image and Lambda. GuardDuty monitors for anomalies. Security Hub checks our posture against CIS AWS Foundations and AWS Foundational Security Best Practices.
Seventy-plus CloudWatch alarms watch for authentication failure spikes, unhealthy containers, error rate spikes, dead-letter queue growth, and Inspector critical findings.
Automated daily backups with continuous point-in-time recovery. The main application database retains seven days; the Legal database retains 35 days and runs Multi-AZ. All backups are encrypted with the same customer-managed KMS keys described above.
An automated script picks the latest snapshot, restores it to a temporary instance, validates encryption and connectivity, produces a compliance report, and cleans up after itself. HIPAA asks us to test our contingency plan — we automate it.
Original uploads in S3 have versioning enabled. PHI buckets block public access at four levels of configuration, reject non-encrypted uploads, and reject any non-HTTPS connection.
Audit logs, database logs, container logs, VPC flow logs, and CloudTrail API logs are retained for 7 years (2,557 days) — one year past the HIPAA minimum, with the extra year as a buffer for incidents that come to light slowly.
Security questionnaire pre-fills, audit artifacts, and compliance reports are available to qualified prospects and existing customers. Click any request link below to open a pre-addressed email to trust@forensicshield.net — responses within two business days.
Available after signing an NDA. Audit in progress; report expected Q4 2026.
Request via emailHigher Education Community Vendor Assessment Toolkit responses for ForensicShield.
Request via emailCloud Security Alliance Consensus Assessment Initiative Questionnaire responses.
Request via emailOur standard Business Associate Agreement in PDF and Word format.
View templateExecutive summary of our annual third-party penetration test. First engagement Q3 2026.
Request via emailAudit artifact export covering 90 days of controls evidence. Generated on request.
Request via emailHIPAA requires covered entities and business associates to document, implement, and maintain a security management process. This table reflects ForensicShield’s current status on the components most commonly reviewed during enterprise security questionnaires.
| Program Area | Status | Details |
|---|---|---|
| Risk Analysis | Current | Annual cadence; last completed April 2026; next review April 2027 |
| Security Awareness Training | Current | Training records current; tracked in P26 compliance tracker |
| DR / BCP Testing | Current | Backup restore tested monthly via automated script (P32); full DR test cadence documented |
| Audit Log Integrity | Current | Immutable CloudTrail Object Lock COMPLIANCE mode; daily KMS-signed integrity manifests |
| Penetration Testing | Scheduled | Annual commitment; first third-party engagement Q3 2026 |
| BAA Coverage | Current | AWS BAA signed; all other subprocessors verified as non-PHI handlers |
| Vendor Attestation Refresh | Current | Annual refresh cycle; all current-year attestations on file |
| Incident Response Plan | Current | IR plan v1.2.1; tabletop exercise Q3 2026; §164.404 notification tracker active |
Last updated: April 2026. This table is reviewed and updated quarterly by the ForensicShield security team. For the full evidence pack with artifact links, request via trust@forensicshield.net.
ForensicShield publishes its security architecture, HIPAA compliance map, forensic framework alignment, and subprocessor list because practitioners have professional obligations that require documented assurances, not vendor assurances buried in a sales conversation.
Try ForensicShield on a sample report — no upload required. Then run your own.
Run a Free Sample Analysis →14-day free trial · 2 reports included (1 sample + 1 of your own) · A payment method is collected for identity verification — your card will not be automatically charged when the trial ends · HIPAA compliant
