Last Updated: December 2025
1. Executive Summary:
SmileForge is architected with a "Security First" methodology. We understand that clinical data is the lifeblood of your practice. Our platform leverages enterprise-grade cloud infrastructure to ensure Confidentiality, Integrity, and Availability (CIA) of all Protected Health Information (PHI).
We operate under a shared responsibility model. Google Cloud Platform (GCP) and Supabase Enterprise provide the physical, host, and network security layers, covered by their own SOC 2 Type II reports and their HIPAA and GDPR commitments; SmileForge is responsible for the application, data model, and access controls described in the sections below.
2. Infrastructure & Network Security:
Cloud Environment
Provider: Google Cloud Platform (GCP), region us-west1 (USA).
Certification: GCP holds ISO 27001, ISO 27017, ISO 27018, SOC 1/2/3, PCI DSS, and FedRAMP High attestations. These cover the provider's infrastructure, not the SmileForge application layer.
Isolation: SmileForge services run in isolated containers using Google Cloud Run, ensuring that execution environments are ephemeral and stateless.
Data Encryption
Encryption at Rest: All data stored in our databases and object storage buckets is encrypted using AES-256-GCM (Advanced Encryption Standard). Encryption keys are managed via Google Cloud KMS (Key Management Service).
Encryption in Transit: All data moving between the client (iPad/Desktop) and our servers is encrypted via TLS 1.3 (Transport Layer Security). We force HTTPS on all connections; non-secure HTTP requests are rejected.
Database Security
Row-Level Security (RLS): We utilize PostgreSQL's native RLS policies, so tenant isolation is enforced by the database itself on every statement rather than by application code. A query issued on behalf of Clinic A cannot return or modify Clinic B's rows even if an application-layer bug omits a WHERE clause, provided the application connects as a role that is subject to RLS (not a superuser or a role with BYPASSRLS, and with FORCE ROW LEVEL SECURITY if that role owns the tables) and the policies cover SELECT, INSERT, UPDATE, and DELETE.
Point-in-Time Recovery (PITR): Write-ahead logs are archived continuously, allowing us to restore the database to any point within a 30-day window in the event of a catastrophic failure.
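The following is an added illustration of per-clinic isolation with RLS; it is not SmileForge's schema. It assumes an application role named app_user that is neither a superuser nor the table owner, and a JWT in which the clinic identifier is carried in a custom clinic_id claim exposed to Postgres through the request.jwt.claims setting (as PostgREST and Supabase do). Both names are assumptions.

```sql
-- Added example, not SmileForge's schema. Assumes role app_user already exists
-- and that the JWT carries a custom clinic_id claim (assumption).
create table patient_records (
  id         bigserial primary key,
  clinic_id  uuid not null,
  created_at timestamptz not null default now(),
  payload    jsonb not null
);

-- Enable RLS, and FORCE it so the table owner is subject to the policies too.
alter table patient_records enable row level security;
alter table patient_records force row level security;

-- Read the clinic id from the JWT claims. Returns NULL when the claim is
-- missing, which makes every policy below evaluate to false: zero rows.
create or replace function current_clinic_id() returns uuid
language sql stable as $$
  select nullif(current_setting('request.jwt.claims', true)::jsonb ->> 'clinic_id', '')::uuid
$$;

-- One policy per command; USING filters visible rows, WITH CHECK constrains
-- rows being written so a client cannot insert data into another clinic.
create policy clinic_isolation_select on patient_records
  for select to app_user
  using (clinic_id = current_clinic_id());

create policy clinic_isolation_insert on patient_records
  for insert to app_user
  with check (clinic_id = current_clinic_id());

create policy clinic_isolation_update on patient_records
  for update to app_user
  using (clinic_id = current_clinic_id())
  with check (clinic_id = current_clinic_id());

create policy clinic_isolation_delete on patient_records
  for delete to app_user
  using (clinic_id = current_clinic_id());

grant select, insert, update, delete on patient_records to app_user;

-- Check: no role used by the application may be able to bypass RLS.
select rolname from pg_roles where rolsuper or rolbypassrls;
```

The final query is the audit check a practitioner should run: any role it returns must never be used by application code or a client-side key. In Supabase specifically, the service_role key bypasses RLS by design, so it belongs only on trusted servers.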
3. HIPAA & AI Compliance:
Protected Health Information (PHI)
Business Associate Agreement (BAA): SmileForge will execute a BAA with covered entities (DSOs and Clinics) upon request, legally binding us to HIPAA safeguards.
Data Minimization: We only collect the specific data required to generate simulations (Visuals, Tooth Morphology, Shade Data). We do not collect Social Security Numbers or Insurance Financial Data.
AI Data Privacy
Ephemeral Processing: Images sent to our AI Inference Engine are processed in a stateless environment.
Zero Training Policy: Your clinical data is NOT used to train public AI models. Input data is used solely for the purpose of generating your specific prediction and is discarded from the inference memory immediately after generation.
4. Application Security & Access Control:
Identity & Authentication
Provider: Authentication is handled via Supabase Auth (fork of Netlify GoTrue), using industry-standard JWT (JSON Web Tokens).
Password Policy: We enforce strong password complexity rules (minimum length, character variety). Passwords are never stored in plain text; they are hashed using bcrypt.
Session Management (Anti-Fraud)
2-Device Limit: SmileForge enforces a strict concurrency limit. A single user license permits only 2 active sessions.
FIFO Rotation: If a third device attempts to log in, the oldest session is automatically revoked.
Peer-to-Peer (P2P) Verification: When a login attempt is detected from an unrecognized device fingerprint, the system triggers a mandatory challenge. A 4-digit code is displayed on an existing authenticated device and must be entered on the new device to grant access, so a shared password alone is not enough to add a device. Because a 4-digit code has only 10,000 possible values, such a challenge is only meaningful while it is single-use, short-lived, and attempt-limited.
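An added example of how the 2-session limit with FIFO rotation can be enforced server-side; this is illustrative, not SmileForge's implementation. It assumes each issued JWT carries a unique jti claim that the application records in a sessions table and checks on every request (assumption), and that the table and function names below are hypothetical.

```sql
-- Added example, not SmileForge's code. Assumes the JWT's jti is used as
-- the session identifier and is checked on every request (assumption).
create table user_sessions (
  jti        uuid primary key,
  user_id    uuid not null,
  device_fp  text not null,          -- device fingerprint presented at login
  created_at timestamptz not null default now(),
  revoked_at timestamptz
);
create index on user_sessions (user_id, created_at);

-- Register a new session and revoke the oldest ones beyond p_limit.
-- Returns the jtis that were revoked so the caller can invalidate them.
create or replace function register_session(
  p_user uuid, p_jti uuid, p_device_fp text, p_limit int default 2
) returns setof uuid
language plpgsql as $$
begin
  -- Serialize concurrent logins for the same user so two parallel logins
  -- cannot both slip under the limit.
  perform pg_advisory_xact_lock(hashtext(p_user::text));

  insert into user_sessions (jti, user_id, device_fp)
  values (p_jti, p_user, p_device_fp);

  -- FIFO: keep the newest p_limit active sessions, revoke the rest.
  return query
    with keep as (
      select jti from user_sessions
      where user_id = p_user and revoked_at is null
      order by created_at desc, jti
      limit p_limit
    ),
    revoked as (
      update user_sessions s
      set revoked_at = now()
      where s.user_id = p_user
        and s.revoked_at is null
        and s.jti not in (select jti from keep)
      returning s.jti
    )
    select jti from revoked;
end $$;

-- Per-request check: a valid signature is not enough, the session must be live.
create or replace function session_is_active(p_jti uuid) returns boolean
language sql stable as $$
  select exists (
    select 1 from user_sessions where jti = p_jti and revoked_at is null
  )
$$;
```

The per-request session_is_active check is what makes revocation effective: a JWT is self-contained and stays cryptographically valid until it expires, so revoking the oldest session only takes effect if the server consults this table (or an equivalent deny-list) before honouring the token.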
Audit Logging
Immutable Logs: For Enterprise clients, we maintain an immutable audit log of critical actions, including:
User Logins/Logouts.
Record Access (Who viewed Patient X).
Record Modification (Who changed the Prescription).
Data Exports.
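An added example of an append-only audit table with a generic change-recording trigger; it is not SmileForge's implementation. It assumes an application role named app_user and a JWT whose sub claim is exposed through the request.jwt.claims setting (as PostgREST and Supabase do); the table, trigger and function names are hypothetical, and the trigger's use of NEW and OLD as NULL for the non-applicable operation relies on PostgreSQL 11 or later.

```sql
-- Added example, not SmileForge's implementation. Assumes role app_user exists
-- and that the actor id comes from the JWT sub claim (assumption).
create table audit_log (
  id          bigserial primary key,
  occurred_at timestamptz not null default now(),
  actor_id    text,
  action      text not null,        -- 'insert' | 'update' | 'delete' | 'login' | 'export' ...
  table_name  text,
  row_id      text,
  old_row     jsonb,
  new_row     jsonb
);

-- Append-only: any UPDATE, DELETE or TRUNCATE is refused by trigger...
create or replace function audit_log_immutable() returns trigger
language plpgsql as $$
begin
  raise exception 'audit_log is append-only; % refused', tg_op;
end $$;

create trigger audit_log_block_row_changes
  before update or delete on audit_log
  for each row execute function audit_log_immutable();

create trigger audit_log_block_truncate
  before truncate on audit_log
  for each statement execute function audit_log_immutable();

-- ...and the application role is never granted those rights to begin with.
revoke all on audit_log from app_user;
grant insert, select on audit_log to app_user;

-- Generic change recorder: attach to any table holding PHI to capture who
-- changed which row (for example "who changed the prescription").
create or replace function audit_row_change() returns trigger
language plpgsql as $$
declare
  v_actor text := current_setting('request.jwt.claims', true)::jsonb ->> 'sub';
begin
  insert into audit_log (actor_id, action, table_name, row_id, old_row, new_row)
  values (
    v_actor,
    lower(tg_op),
    tg_table_name,
    -- NEW is NULL on DELETE and OLD is NULL on INSERT (PostgreSQL 11+)
    coalesce(to_jsonb(new) ->> 'id', to_jsonb(old) ->> 'id'),
    case when tg_op in ('UPDATE', 'DELETE') then to_jsonb(old) end,
    case when tg_op in ('INSERT', 'UPDATE') then to_jsonb(new) end
  );
  return null;  -- AFTER trigger: return value is ignored
end $$;

-- Attach to a PHI table (prescriptions is an assumed table name):
-- create trigger prescriptions_audit
--   after insert or update or delete on prescriptions
--   for each row execute function audit_row_change();
```

Two caveats a reviewer would raise. First, a superuser can drop the triggers, so "immutable" ultimately depends on no application role holding superuser and on shipping the log to storage the database role cannot alter. Second, triggers do not fire on SELECT, so "who viewed Patient X" cannot be captured this way; read access must be logged by the application path or by an accessor function that writes the audit row before returning the record.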
5. Operational Security:
Employee Access
Principle of Least Privilege: SmileForge engineers do not have default access to customer data. Access to production databases is restricted to the CTO and Lead DevOps, requires VPN authentication, and is logged.
Ghost Mode Support: In the event of a support ticket, our admins use a specific "Impersonation" protocol that generates a temporary read-only token, visible to the user via a "Support Active" indicator on the dashboard.
Vulnerability Management
Dependency Scanning: We utilize automated CI/CD pipelines (GitHub Actions) that scan code dependencies for known CVEs (Common Vulnerabilities and Exposures) before every deployment.
Patch Management: Security patches to the managed platform (Cloud Run hosts, Supabase-managed Postgres) are applied by the providers. The Node.js runtime inside our container images is not patched by the provider; it is updated when the image is rebuilt and redeployed.
6. Incident Response:
In the event of a confirmed data breach or security incident, SmileForge is committed to:
Notifying the designated organization administrator within 24 hours of discovery.
Providing a detailed root-cause analysis.
Cooperating fully with any regulatory bodies or forensic audits required by the partner.