Where can I get information about MPEP AI's security practices?

Detailed security and compliance documentation for MPEP AI is in progress. For the current encryption, access-control, audit-logging, and data-residency posture — and for any security-questionnaire response — request a conversation with the founding team via /book-demo.

Attorney-grade security for an agentic workspace.

MPEP AI is built for the materials attorneys actually handle — privileged matters, draft work product, client-confidential exhibits. Here's how we keep them private, isolated, and auditable.

Compliance posture

What's in production today vs. what's on the roadmap. We don't list ship dates on planned items until we've signed the engagement — overpromising security work is its own security problem.

TLS 1.3 in transitBrowser, application, and managed-cloud storage all over TLS 1.3.

Live

Per-user / per-matter scopingApplication-layer access enforcement across documents, notes, and chats.

Live

AES-256-GCM for note attachmentsApplication-level encryption for uploaded attachments, per-user keys.

Live

Tool-call audit trailPer-turn record of every tool invocation, with matter + privilege metadata.

Live

No-training commitmentCustomer matter content excluded from all model training (no exceptions).

Live

SOC 2 Type IIIndependent control attestation — vendor selected, observation window not yet started.

Planned

HIPAA Business Associate AgreementAvailable for enterprise engagements that need it; not offered on the public plan.

Planned

Need a security questionnaire or a deeper review?

Our team will walk you through controls, encryption posture, and per-matter isolation. Mention the engagement in the waitlist form and we'll loop you in.

Talk to the team →

Last updated: May 25, 2026