HIPAA Compliant

SOC 2 Type 1

SOC 2 Type 2 In Progress

Built on trust.
Secured by design.

Kenzie is built for clinical environments where the stakes are high. Here is how we protect your data and your patients' information.

Visit Trust Center Start Free

Security

Protecting sensitive patient data.

You and your team handle protected health information every day. Ensuring that data remains secure is a clinical and legal obligation we take seriously at every layer of the platform.

AES-256 encryption at rest
TLS 1.2 / 1.3 encryption in transit
Multi-factor authentication
Role-based access controls
Immutable audit logging
US-only data residency
Inactivity timeout and session controls

AI Ethics

How we handle AI and patient data.

Kenzie does not use patient data — including session notes, transcripts, or any PHI — to train AI models. This applies to Kenzie's own systems and to every AI provider we work with. De-identified, aggregated data may be used for internal product analytics, but never in identifiable form.

Every AI provider whose services may come into contact with PHI is covered by a Business Associate Agreement. There are no exceptions.

Access to patient data is governed by the principle of minimum necessary use. What any individual can access is scoped, logged, and reviewed.

Patient Name

Sarah Mitchell

AES-256

PHI

Session Notes

Anxiety, CBT Week 4

ENCRYPTING...

Clinical

Insurance ID

BC-4481-2290-X

SHA-384

Billing

Date of Birth

03 / 14 / 1989

TLS 1.3

PHI

Diagnosis Code

F41.1 — GAD

AES-256

Clinical

Phone Number

(864) 555-0142

ENCRYPTING...

Contact

Prescriptions

Sertraline 50mg

SHA-384

PHI

Protected

All patient data encrypted

HIPAA Compliance

Kenzie meets all required safeguards — administrative, physical, and technical. Every user is covered by a signed Business Associate Agreement.

Compliant

SOC 2 Certification

An independent auditor has verified that Kenzie's security controls are designed appropriately to protect the data we handle. The Type 2 audit is currently in progress.

Type 1 Certified

Type 2 In Progress

Compliance

Independently verified. Continuously maintained.

Compliance is not a one-time certification. It is an ongoing operational discipline.

Trust Center

Visit trust.getkenzie.com

Start today, free

Practice confidently,
with Kenzie by your side.

Your patients' data is handled with the same discretion you bring to every session. Start free, no credit card required.

Start Free Visit Trust Center

HIPAA compliant SOC 2 Type 1 certified BAA included for all users