We store customer data including audio files, transcripts, health data, identification data, and usage data (IP addresses etc). Data is retained for the duration of your customer agreement. Upon termination/expiration of the commercial contract, all personal data is deleted within 30 days.

Yes, customers have full control over their data. Your confidential information belongs to you. You can delete data immediately after an interaction or anytime using our Delete Interaction API.

Corti signs BAAs and complies with HIPAA for U.S. customers. Protected Health Information, or PHI, is any health information that includes any of the 18 elements identified by HIPAA and maintained by a covered entity or any information that can be reasonably used to identify a person.

No, customer data is not used for AI training by default. Customer data is owned by you and is part of your confidential information. Training use is only possible if explicitly agreed upon within the DPA/contract.

Corti's models are trained with:

We also use open source models as baseline parameters, then apply various methodologies to refine other model parameters. Our proprietary training process begins with extensive, carefully curated datasets covering medical terminology, healthcare specialties, patient interactions, and coding best practices.

Data is processed on Microsoft Azure infrastructure in two main regions: the European Union (Netherlands, Ireland, and Sweden) and the United States. Corti’s primary data processing facility is located in Amsterdam, the Netherlands, with a secondary backup site in Dublin, Ireland. U.S. customers may opt to have their data processed within the U.S. environment.

The purpose of processing data is to deliver and maintain Corti’s services in accordance with the customer agreement. This includes providing, operating, and improving our products, ensuring service reliability and security, and fulfilling our contractual obligations to the customer.

Corti's Customer success and technical support team are based in the United States, and may access non-sensitive personal data for troubleshooting, incident resolution, and QA. This processing only applies if a customer chooses not to opt-out of United States-based support, otherwise, all data will remain in the EU.

Corti conduct thorough risk assessments for all sub-processors involved in our data processing activities to maintain accountability throughout the entire processing chain. Our vendor management program applies appropriate technical and organizational security controls proportional to the service type and associated risks. Prospective third-party vendors are vetted through a process ensuring they comply with our confidentiality, security, and privacy requirements for the duration of their relationship. All sub-processors must adhere to stringent data protection requirements when processing EU data.

All customer data is encrypted at rest (using AES-256 encryption algorithm) and in transit (TLS 1.2 or higher).

Data is not encrypted while in use, as the capabilities of Corti’s systems and models require that users to be able to see the data when:

The processing of data is also decrypted, as the capabilities of Corti systems require the processing of content (e.g., processing of audio or text) by our models. Nevertheless, access to such data in clear text is always protected by required authentication and authorized users or services.

Corti has multiple ways to support explainability as we understand that AI explainability in healthcare is instrumental to ensure doctors can trust AI and be in the loop for feedback.

When facts are generated, each is organized into a fact group, allowing users to see which facts were used to produce the document, creating a transparent approach to document creation.

See Corti's documentation to learn more about FactsR

”Rather than summarizing the full conversation in one go, it breaks the task into three core stages:

Clinicians can quickly review, accept, or adjust facts as needed to accurately generate documents.

By default, all customers have their own tenant in a multi-tenant environment where data is logically segregated. Corti's multi-tenant environment is as safe as a single-tenant environment.

Having a multi-tenant environment allows Corti to be efficient and streamlined in our operations.

A client may require a specific environment, other than the existing EU and US environments, if compliance laws and regulations from a specific country would forbid processing in either the EU or the US. These are rare cases as in most jurisdictions, data transfers to the EU are widely accepted because EU privacy laws are among the strictest in the world.

A sovereign cloud is a cloud hosting setup where a customer’s applications and data are fully deployed within the customer’s own cloud environment (instead of in the vendor’s cloud). The goal is to give customers maximum control over where their data lives, how it is managed, and who can access it, ensuring compliance with strict privacy, security, and localization regulations.
​

In the context of Corti’s Sovereign Cloud hosting, here is what it means:

Onboarding/implementation phase: The Forward Deployment team evaluates compatibility, adjusts infrastructure, and ensures performance.

Operational access: In some agreements, Corti may not be allowed direct access to the customer’s environment. If so, operations and maintenance must be handled by the customer’s engineers. Corti’s team provides training and enablement so the customer can take full ownership. If Corti is permitted access, Corti can handle deployment, operations, and maintenance directly while the customer handles the cloud provider as a vendor (including cloud hosting and provision costs).

Why it matters: A sovereign cloud setup helps organizations meet strict privacy and data sovereignty laws, while still benefiting from Corti’s platform.

Click here to learn more about sovereign clouds

Corti recognizes the importance of privacy and security certification and accreditation for demonstrating compliance with industry best practices for protecting sensitive healthcare information. We align our controls with industry standards and regulatory requirements, ensuring our management system adheres to the best industry frameworks. You can see all our certifications and accreditations here and in the Corti Trust Center.

By default, all customer data is encrypted at rest (using AES-256 encryption algorithm) and in transit (TLS 1.2 or higher).

Authentication for the Corti API relies on OAuth 2.0. It is the current and most widely adopted version of the open-standard framework for access delegation, allowing applications to securely access a user’s protected resources without exposing their login credentials. More information can be found in our Authorization Documentation.

While encryption at rest and in transit is something Corti handles on its end, by default, the flow of authentication depends on customer implementation. Options for flows of authentication are explained in the documentation linked above.

While in use, Corti AI models process the full, non-anonymized input data. Audio files are processed, but not manipulated by the AI model. The models process audio files and other data as input to create output. No audio data (nor any customer data) is transformed or used for training purposes without the customers’ direct instructions.

At Corti, no customer data from one customer is ever shared or mixed with that of another customer. Data segregation, as per default, occurs via logical segregation controls between tenants in a multi-tenant environment. Following the principles of “ISO/IEC 27040, Information technology - Security techniques”, Corti implements strong controls in its multi-tenant environments (EU & US) to ensure that data from one tenant cannot be accessed or revealed to another tenant. Such controls include robust encryption and key management, implementing thorough access controls, auditing and logging, and performing proper sanitization.

Our multi-tenant environment data segregation does not present additional risks when compared to data segregation that could be offered by a single-environment per customer setup. That is, our multi-tenant environment is as secure as a single-environment per customer setup from a data segregation perspective.

Additional requirements for isolation can be achieved by the forward-deployed sovereign cloud solution.