ExpertMedical - Security Trust Center

ExpertMedical - Trust Center

Compliance and Security Portal for ExpertMedical.

Visit ExpertMedical

Trust & Security at ExpertMedical

At ExpertMedical.ai, our mission is to revolutionize medical expertise through innovation, while maintaining the highest standards of data integrity and patient privacy. As a platform handling sensitive health information, we recognize that trust is the foundation of our relationship with medical professionals and their patients.

This Trust Portal provides real-time transparency into our security posture and compliance framework. Our infrastructure is built on Google Cloud Platform (GCP) and features advanced security measures, including AES-256-GCM encryption for PHI and automated compliance monitoring. We are committed to continuous improvement and rigorous adherence to industry standards—including ISO 27001, SOC 2 Type II, TGV and Quebec’s Law 25—to ensure your data remains protected, available, and confidential.

Framework overview

An overview of ExpertMedical's compliance status across common frameworks like SOC 2, ISO 27001, ISO 9001, and GDPR.

26Policies

An up to date list of policies published internally by ExpertMedical.

Access Control & Least Privilege

Secure Configuration & Hardening

Compliance & Regulatory Monitoring

Vendor & Third-Party Risk

Authentication & Password

Privacy & Data-Subject Rights

Risk Management

Information Security & Privacy Governance

Code of Business Conduct

Background Screening & On/Off-boarding

Sanctions & Disciplinary

Backup, Business Continuity & Disaster Recovery

Logging, Monitoring & Audit

Security & Privacy Awareness Training

Acceptable Use & Workstation Security

13Controls

An up to date list of controls published internally by ExpertMedical.

Data recovery

Employee Verification

TLS / HTTPS

Data Masking

Production Firewall & No-Public-Access Controls

Secure Storage

Backup Restoration Test

Employee Descriptions

Access Review Log

Secure Devices

Building / Workplace Rules

Office Access & Door Monitoring

2FA

11Subprocessors & Vendors

Third-party vendors and subprocessors used by ExpertMedical.

Anthropic

SOC 2,ISO 27001,ISO 42001,HIPAA

Backofficely

RETOOL AGENCY PARTNER

CompAI

SOC 2,ISO 27001,HIPAA,GDPR

Firebase

GitHub

SOC 2,PCI DSS,GDPR

Google Cloud

SOC 2,ISO 27001,HIPAA,PCI DSS,GDPR,ISO 9001

Google Workspace

SOC 2,ISO 27001,ISO 42001,HIPAA,PCI DSS,GDPR

OpenAI

SOC 2,ISO 27001,ISO 42001,PCI DSS,GDPR,HIPAA

Postmark

Sentry

SOC 2,ISO 27001,HIPAA

Stripe

3Additional Resources

Download additional resources shared by ExpertMedical.

EM-SGSI-LEG-TERMS-OF-SERVICE-SAAS-EN-001_v1.0.pdf

EM-SGSI-LEG-DPA-EN-001_v1.0 .pdf

EM-SGSI-LEG-PRIVACY-POLICY-EN-001_v1.0.pdf