Security
The technical posture, stated plainly
This website collects nothing beyond what you submit through the contact form. What follows is the security posture of the CocoMind platform itself, the systems a partnering institution's review will examine.
Encryption
All data is encrypted in transit and at rest.
Processing
HIPAA-aligned, under signed business associate agreements. Model providers run in zero-data-retention configurations.
Access
Least-privilege access controls and audit logging across the processing pipeline.
Custody
Structured outputs are delivered into institution-controlled systems. Audio is retained under the institution's control, not ours.
Review
The stack has passed institutional security review and AI-governance intake at a major academic medical center.
Reporting
Suspected vulnerabilities: jerry.hsieh@cocomind.health