Trust Center
Last reviewed: June 15, 2026
MedLegal101 handles sensitive legal and medical information, so security, privacy, and reliability are core to the product. This page is the single place to find how we protect your data and the policies that govern the platform. Each section links to the authoritative source document.
Security
Data is encrypted in transit (TLS) and at rest (AES-256 across the database, file storage, and backups). Access is governed by role-based permissions, server-enforced session and idle timeouts, and multi-factor authentication that is strongly recommended for privileged accounts. The platform runs on Amazon Web Services (US, us-east-1) using HIPAA-eligible services within isolated environments.
Privacy & data
We collect only what is needed to operate the platform, never sell personal information, and support access, correction, and deletion requests. Our Privacy Policy, Cookie Policy, and sub-processor list describe exactly what data we process and who processes it on our behalf.
Compliance
MedLegal101 operates under Business Associate Agreements (HIPAA) with its infrastructure and AI providers — including AWS and Google Cloud / Vertex AI (BAA signed March 16, 2026) — and signs BAAs with the law firms it serves. Customer data is not used to train AI models. We publish our sub-processors and notify firm administrators at least 30 days before adding a new one.
Reliability
Live system status, uptime, and incident history are published on our status page, which stays reachable even during an outage when you may be unable to sign in.
Legal
The platform is operated by MEDLEGAL 101, S.A. Our Terms of Service and related policies govern use of the platform.
Contact
- Privacy & data requests:privacy@medlegal101.com
- Legal & security reports:legal@medlegal101.com
- General support:support@medlegal101.com