Dentscribe's system is hosted in AWS in container based.

Both role based and user based access controls are available for the DentScribe product suite

MFA is enabled for all the users to increase the security levels. The primary objective of multi-factor authentication is to reduce the risk of account takeovers and provide additional security for users and their accounts. Since over 80% of cyber breaches happen due to weak or stolen passwords, MFA can provide added layers of security necessary to protect users and their data.

DentScribe engages in thorough annual risk assessments that span multiple critical teams, including engineering, security, privacy, legal, and AI safety, among others. These assessments are designed to identify and address significant vulnerabilities within our operational environment. The findings from these assessments are carefully reviewed and considered by an executive risk committee, which integrates these insights into broader organizational strategic planning.

DentScribe maintains a rigorously documented Incident Response Plan that serves as our predefined procedure for handling potential security incidents. This plan is systematically reviewed, tested, and approved by appropriate stakeholders on an annual basis to ensure readiness and effectiveness in responding to security incidents.

To ensure the integrity and security of our operations, all new DentScribe employees undergo a thorough background check and sign a non-disclosure agreement upon joining. These measures are part of our annually reviewed HR security policy, which mandates compliance with company policies and procedures designed to safeguard organizational assets and information.

DentScribe is committed to maintaining robust asset management practices that span both virtual and physical assets. Our asset management policy is designed to systematically identify and catalog organizational assets while defining appropriate protection responsibilities and is updated annually.

DenScribe is committed to maintaining a high level of security and privacy awareness among its personnel through comprehensive annual training programs. This training covers critical topics secure communication, data classification, phishing, physical security, social engineering, data privacy, third-party/application security, laptop standard, protect data, and acceptable use.

Dentscribe has a high level network diagram

Dentscribe performs regular vendor risk assessment to evaluate the security practices of our key vendors and partners. This assessment was conducted by our internal security team in collaboration with external cybersecurity experts to provide a comprehensive evaluation.

Vendor risk assessment report attached below:-

Dentscribe conducts a comprehensive risk assessment regularly to evaluate the current security posture of our systems, applications, and processes. This assessment was conducted by our internal security team in collaboration with external cybersecurity experts to ensure a thorough and unbiased evaluation.

View Dentscribe's Risk assessment report below:-

We recently engaged a leading cybersecurity firm to conduct a thorough penetration test of our systems. The objective of this test was to assess our infrastructure, applications, and security protocols against current and emerging threats.

View Dentscribe's latest pentest report below:-

We have a strong internal password policy that includes a requirement for MFA . Passwords are required to meet industry-leading complexity requirements and are stored in a company managed password manager.

DentScribe internal systems access is restricted by stringent access control measures monitored and updated according to industry best practices on a regular basis. Access to internal systems is adherent to the principles of least privilege and separation of duties, subject to regular review by administrators, documented with clear rationales for provisioning and changes, and revoked according to strict termination policies.

Necessary, performance, and targeting cookies may be used to support our services.

You can contact our data protection officer at

hello@dentscribe.ai in matters related to Personal Information processing.

In the event of a data breach involving customer data, notifications will be sent in accordance with the terms of the MSA.

Personnel perform security and privacy awareness training on an annual basis. Topics covered include: Passwords, Mobile devices, Social Engineering, Physical security, Phishing and compliance with HIPAA.

We have a formal Business Continuity and Disaster Recovery plan, which is exercised, reviewed and approved annually. DentScribe also conducts regular testing of critical services, backup systems and operational infrastructure to ensure business continuity requirements are met. Our risk assessment program and business impact analysis are scoped across the organization, reflecting our commitment to preparedness across business areas.

DentScribe's infrastructure is hosted by AWS.

At DentScribe, the production, staging, and development environments are maintained as distinct entities to safeguard operational integrity and data confidentiality. In these separate environments, customer data is strictly prohibited from use in non-production settings, thus ensuring that developmental and testing activities do not compromise data security.

All customer data is encrypted in-transit. DentScribe is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.

All customer data is encrypted at-rest. DentScribe is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards.

DentScribe captures backups on a regular basis to ensure internal and customer data is protected from loss according to our Business Continuity and Disaster Recovery procedures.

DentScribe's Security Defense and Intelligence Team actively monitors the environment for known attacker tactics, techniques, and procedures (TTPs), as well as known malicious binaries and other suspicious activities. These regular activities are complemented by periodic reviews and investigations into anomalous activities to discover unknown threats occurring on a regular cadence.

All employee endpoints are protected with an advanced EDR solution. Endpoint security signals are monitored regularly for anomalous activity.

To protect the confidentiality and integrity of information stored on all employee endpoints, DentScribe mandates full-disk encryption. Additionally, we continuously monitor endpoint security signals to promptly identify and investigate any anomalous activity.

DentScribe's terms of Service govern use of DentScribe associated software applications and websites.

Additional information can be found at https://www.dentscribe.ai/terms-of-use

Safeguarding customer privacy is a core commitment of DentScribe's service.

Additional information on our privacy practices can be found at

https://www.dentscribe.ai/privacy-policy

DentScribe is committed to upholding robust and compliant data processing practices.

Cyber insurance is an integral part of security risk reduction at DentScribe. We maintain an insurance policy with cyber coverage in the event of a security incident that results in financial damages.

A visual representation of a computer or telecommunications network.

Our network activity is logged with specialized detection logic in place to identify potential security threats such as unauthorized access or anomalous behavior. These systems are critical for the early detection of attacks, allowing us to identify attackers and other anomalous behavior and generate alerts for further investigation.

To safeguard our infrastructure, DentScribe utilizes a combination of traditional firewalls. These tools allow us to monitor and control the flow of network traffic, preventing unauthorized access and ensuring data integrity and security