Aspasia is designed for sensitive claim files, regulated review, and enterprise control.
Sensitive claim files
Claim material is handled as regulated operational data, not marketing or training data.
Regulated authority
Aspasia prepares recommendations for review. The adjuster remains the authority of record.
Explainable records
Evidence, sources, agent actions, exceptions, and approvals are preserved for review.
No model training
Customer data is not used to train general-purpose AI models.
Tenant isolation
Customer data is separated by tenant, role, and deployment model.
Traceable AI
Agent actions, sources, changes, and recommendations are logged for review.
No selling or sharing
Firm and client data is not sold. Sub-processors are used only to operate the service.
Data deletion
Customer data can be returned or deleted under the client agreement.
Transparent by design
Recommendations show sources, rationale, confidence, and exceptions.
No credential storage
Aspasia is designed around revocable tokens and identity-provider access.
Encrypted at rest
Stored platform data is encrypted at rest.
Encrypted in transit
Connections use HTTPS/TLS for data in transit.
Role-based access
Access is scoped by role, tenant, and operational responsibility.
Multi-factor authentication
MFA is enforced for production and administrative access.
Deployment choice
Pooled, siloed, and dedicated deployment paths are available.
Penetration testing
Security testing and vulnerability review are handled as part of the product security programme.
Incident response
Incident response covers triage, containment, client notification, and review.
Backups
Backup and restoration controls are documented by deployment model.
Security materials
Security architecture, sub-processor, and data processing materials are available on request.
Security contact
We can share architecture and data processing materials with qualified teams.