Security overview
Caseflow uses authenticated workspace access, role-aware workflows, scoped sharing, audit-oriented records, and practical controls for sensitive case collaboration.
Trust Center
Security, privacy, and AI governance for sensitive case work.
Centralized trust information for teams reviewing Caseflow before bringing legal, investigation, inheritance, and other sensitive records into the platform.
publicSite.components.public.site.public.site.sections.56.confidence
- publicSite.components.public.site.public.site.sections.60.clear_verifiable_product_information
- publicSite.components.public.site.public.site.sections.61.careful_handling_for_sensitive_data_ai_and
- publicSite.components.public.site.public.site.sections.62.visible_pricing_trust_and_support_paths
Enterprise readiness
A clear operating model for procurement and security reviews.
Caseflow presents practical controls and review-ready documentation without claiming certifications, regional guarantees, or completed legal determinations that have not been verified.
AI governance overview
AI features are routed through backend controls, with tenant and case permission checks, data minimization, redaction where supported, metadata-only AI audit records, and human-review-required positioning.
Privacy overview
Privacy materials describe what data may be processed, how AI-assisted processing is triggered, available rights channels, and where lawful basis or transfer details require legal review.
Encryption and access controls
Customer-facing materials describe access controls, document visibility, authenticated routes, and provider-managed infrastructure safeguards without claiming unverified certifications.
Retention and deletion
AI audit metadata includes retention expiry, case deletion is designed to remove related AI artifacts and indexes, and saved AI outputs follow the workspace record where they are stored.
Subprocessors
OpenAI and infrastructure providers may act as subprocessors for selected features. LEGAL_REVIEW_REQUIRED: publish the approved subprocessor list, DPA status, transfer mechanism, and notice process.
Procurement review pack
Use this page as the customer-facing entry point for security, privacy, and AI review. Contractual, legal, and commercial commitments remain subject to approved documentation.
Security architecture summary
Privacy and AI data handling disclosure
Human review disclaimer for AI-assisted output
Retention, deletion, and export references
Responsible disclosure routing
LEGAL_REVIEW_REQUIRED placeholders for contracts, transfers, and subprocessors
Responsible disclosure
Security reports, suspected unauthorized access, and AI data handling concerns should be sent through Caseflow support for routing to the appropriate reviewer.
LEGAL_REVIEW_REQUIRED: publish a dedicated security contact, vulnerability disclosure policy, response SLA, or bug bounty statement only after operational approval.
publicSite.components.public.site.public.site.cta.15.ready_for_clearer_case_work
Review Caseflow with clear trust, privacy, and AI governance context.
Start with the Trust Center, then review security, privacy, AI handling, terms, and support resources before moving sensitive case work into Caseflow.