Trust Center

Document Version: TC-v1.2-2026-04-27
Effective Date: April 27, 2026

Cora is built for clinical research teams who handle sensitive study data every day. This page describes how we protect your data, what AI processing actually does, the third-party services we rely on, and where Cora stands on regulatory readiness.

We aim for accuracy over marketing language. Where a claim has limits, those limits are stated.


Data Handling

  • AI Inference Privacy (Zero Data Retention scope): Cora's AI calls (answer generation, grounding verification, query expansion, embeddings) run through AWS Bedrock with Zero Data Retention enabled. Bedrock does not persist your prompts or responses, and AWS does not use them to train any models. This Zero Data Retention guarantee applies specifically to AWS Bedrock LLM and embedding inference calls. It does not apply to data stored elsewhere in the Cora system (see Subprocessors and Retention below).
  • Document Storage: Your uploaded study documents and the text chunks generated from them are stored in Cora's database (Supabase, US region) so we can answer future questions against them. They remain in your organization's tenant and are deleted on request or per the data lifecycle described below.
  • No Analytics, Cookies, or Behavioral Tracking: Cora does not use Google Analytics, tracking pixels, advertising cookies, or any behavioral tracking technology. We collect only what is necessary to operate the service.
  • PII Detection: Cora includes a built-in PII detector that screens queries for 18 HIPAA identifier types (names, dates of birth, medical record numbers, Social Security numbers, etc.). Queries containing detected PII are blocked before reaching the AI model.
  • Data Isolation: Each organization's data is logically isolated using PostgreSQL Row-Level Security (RLS). Users can only access documents and queries belonging to their assigned organization.

AI Transparency

  • Retrieval-Augmented Generation (RAG): Cora does not generate answers from general knowledge. Every response is grounded in your uploaded study documents. Source citations with page numbers are included in every answer.
  • Grounding Verification: A secondary AI model (Claude Haiku) independently verifies that each answer is supported by the retrieved source chunks. Answers that fail grounding verification are flagged.
  • Confidence Scoring: Every response receives a confidence rating (HIGH, MEDIUM, or LOW) based on retrieval quality, grounding verification, and citation coverage.
  • LOW Confidence Warning: When confidence is LOW, Cora displays a prominent "Verify with your Principal Investigator" warning. This ensures clinical staff always exercise independent judgment.
  • Not a Medical Device: Cora is not designed, intended, or marketed as a clinical decision support system, medical device, or source of medical advice. It is a research and informational reference tool.

Infrastructure

  • Database: Supabase PostgreSQL with pgvector for vector similarity search. All data encrypted at rest (AES-256) and in transit (TLS 1.2+).
  • AI Processing: AWS Bedrock in the us-east-1 region. All inference calls use on-demand pricing with Zero Data Retention.
  • Frontend Hosting: Vercel with automatic TLS certificate provisioning.
  • Backend Hosting: Railway with managed deployments and automatic TLS.
  • Multi-Tenancy: Row-Level Security (RLS) policies enforce data isolation at the database level. Every query validates the authenticated user's organization membership before returning results.
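The tenant isolation described under Data Isolation and Multi-Tenancy above rests on PostgreSQL Row-Level Security policies that compare the row's organization with the caller's memberships. The following is an added illustration of that pattern, not Cora's own schema: the table names (organizations, org_memberships, documents), the `app.user_id` session setting standing in for Supabase's `auth.uid()`, the helper `has_org_role`, and the `app_user` role are all assumed for the example.

```sql
-- Added example: per-organization tenant isolation with PostgreSQL RLS.
-- All names below are assumed; they are not Cora's actual schema.

CREATE TABLE organizations (
  id   uuid PRIMARY KEY DEFAULT gen_random_uuid(),
  name text NOT NULL
);

CREATE TABLE org_memberships (
  user_id uuid NOT NULL,
  org_id  uuid NOT NULL REFERENCES organizations(id),
  role    text NOT NULL CHECK (role IN ('owner_admin', 'member', 'auditor')),
  PRIMARY KEY (user_id, org_id)
);

CREATE TABLE documents (
  id     uuid PRIMARY KEY DEFAULT gen_random_uuid(),
  org_id uuid NOT NULL REFERENCES organizations(id),
  title  text NOT NULL,
  body   text NOT NULL
);

-- The backend sets the authenticated user for each transaction, e.g.
--   SET LOCAL app.user_id = '<uuid from the verified session token>';
-- current_setting(..., true) returns NULL instead of erroring when unset,
-- so an unauthenticated connection matches no rows at all.
CREATE FUNCTION current_app_user() RETURNS uuid
  LANGUAGE sql STABLE AS $$
  SELECT nullif(current_setting('app.user_id', true), '')::uuid
$$;

-- SECURITY DEFINER so the membership lookup is not itself subject to RLS
-- on org_memberships (avoids recursive policy evaluation).
CREATE FUNCTION has_org_role(target_org uuid, allowed text[]) RETURNS boolean
  LANGUAGE sql STABLE SECURITY DEFINER AS $$
  SELECT EXISTS (
    SELECT 1 FROM org_memberships m
    WHERE m.org_id  = target_org
      AND m.user_id = current_app_user()
      AND m.role    = ANY (allowed)
  )
$$;

ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
-- FORCE makes the policies apply to the table owner too.
ALTER TABLE documents FORCE ROW LEVEL SECURITY;

-- Read: every role in the document's organization, including auditors.
CREATE POLICY documents_select ON documents
  FOR SELECT USING (has_org_role(org_id, ARRAY['owner_admin', 'member', 'auditor']));

-- Writes: owner_admin and member only. WITH CHECK also prevents inserting
-- or re-pointing a row into an organization the caller does not belong to.
CREATE POLICY documents_insert ON documents
  FOR INSERT WITH CHECK (has_org_role(org_id, ARRAY['owner_admin', 'member']));

CREATE POLICY documents_update ON documents
  FOR UPDATE USING      (has_org_role(org_id, ARRAY['owner_admin', 'member']))
             WITH CHECK (has_org_role(org_id, ARRAY['owner_admin', 'member']));

CREATE POLICY documents_delete ON documents
  FOR DELETE USING (has_org_role(org_id, ARRAY['owner_admin', 'member']));

-- The runtime role must be an ordinary role: superusers and roles with
-- BYPASSRLS skip policies entirely, so never connect the app as one.
CREATE ROLE app_user NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON documents TO app_user;
GRANT SELECT ON org_memberships TO app_user;
```

Two checks worth keeping in a deployment like this: confirm that `SELECT rolsuper, rolbypassrls FROM pg_roles WHERE rolname = current_user` returns false for the application connection, and run a query as a user from organization A against a row owned by organization B to verify it returns zero rows rather than an error or the row.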

Subprocessors and Retention

Cora relies on a small number of third-party providers ("subprocessors") to deliver the service. Each provider has its own retention policy. The full list, including the data each provider receives and where it is processed, lives on the Subprocessors page. Retention summary:

  • AI inference: AWS Bedrock (Claude, Nova). Retained: nothing (Zero Data Retention). Approximate retention: none.
  • Reranking: AWS Bedrock (Cohere Rerank 3.5). Retained: query text and chunk text processed within AWS for relevance scoring; no direct relationship with Cohere. Approximate retention: governed by AWS Bedrock terms (no independent retention by Cohere).
  • Database, file storage, auth: Supabase. Retained: all persistent customer data (account info, documents, chunks, embeddings, audit logs). Approximate retention: until deletion request or per the data lifecycle below.
  • Backend compute: Railway. Retained: request data in transit; no long-term application storage. Approximate retention: transient.
  • Frontend hosting: Vercel. Retained: static assets and proxied requests. Approximate retention: transient.
  • Transactional email: Postmark. Retained: email addresses and message bodies for system emails. Approximate retention: per Postmark's standard message retention window.
  • Error tracking: Sentry. Retained: error stack traces and request metadata; PII collection disabled. Approximate retention: per Sentry's project retention setting.
  • Payments: Stripe. Retained: billing email, organization name, payment method (card data never touches Cora). Approximate retention: per Stripe's terms.

For exact retention windows, certifications, and data flow per vendor, see the Subprocessors page and our Privacy Policy.


Regulatory Posture

We try to be precise about what Cora is and is not today.

  • HIPAA: Cora is built with HIPAA-aligned controls (access controls, audit trails, encryption in transit and at rest, PII screening, RLS-based tenant isolation). However, Cora has not yet executed a Business Associate Agreement (BAA) with AWS. Until that BAA is in place, customers should not transmit Protected Health Information (PHI) through Cora, and Cora is not represented as HIPAA-compliant. Status updates will be reflected on this page.
  • FDA: Cora is not an FDA-approved or FDA-cleared device. It is a research and informational reference tool, not a clinical decision support system.
  • Accuracy: Cora is grounded in your documents and shows citations on every answer, but no AI system is 100% accurate. The "Verify with your Principal Investigator" warning is shown on every LOW-confidence response, and the accuracy disclaimer is shown at all times.
  • Voice: Cora is a text-only chat interface. There is no voice input or output.

Compliance Posture (Controls in Place)

  • SOC 2 Type II: SOC 2 audit preparation is in progress. Our security controls, access policies, and monitoring are designed to meet SOC 2 Trust Service Criteria for Security, Availability, and Confidentiality. We are not yet SOC 2 certified.
  • Uptime Commitment: Cora targets 99.5% monthly uptime for the production application. Planned maintenance windows are communicated at least 48 hours in advance.
  • Immutable Audit Logging: All document operations (upload, re-chunk, delete, version replacement) are recorded in an append-only document_audit_log table. UPDATE and DELETE operations on audit records are blocked by database triggers. This supports 21 CFR Part 11 audit trail requirements.
  • Session Timeout Enforcement: Inactive sessions are automatically terminated to prevent unauthorized access from unattended workstations.
  • Multi-Factor Authentication (MFA): TOTP-based MFA is supported for all user accounts, providing an additional layer of authentication security.
  • Role-Based Access Control: Three roles govern access: owner_admin, member, and auditor, each with distinct permissions for document management, user administration, and data review.
  • Electronic Signatures: Terms of Service acceptance is recorded with the user's typed full name as an electronic signature, along with timestamp, IP address, user agent, and document version. These records are immutable.
  • Query Audit Trail: Every user query, AI response, confidence score, and response time is logged in query_audit_log for accountability and performance monitoring.
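The Immutable Audit Logging control above blocks UPDATE and DELETE on audit records with database triggers. The following is an added illustration of how such an append-only table is enforced in PostgreSQL; it is not Cora's actual `document_audit_log` definition. The column names, the trigger function `reject_audit_mutation`, and the `app_user` role are assumed for the example.

```sql
-- Added example: an append-only audit table enforced by the database itself.
-- Column names, the trigger function and the app_user role are assumed.

CREATE TABLE document_audit_log (
  id          bigserial   PRIMARY KEY,
  occurred_at timestamptz NOT NULL DEFAULT now(),
  org_id      uuid        NOT NULL,
  actor_id    uuid        NOT NULL,
  document_id uuid        NOT NULL,
  action      text        NOT NULL
              CHECK (action IN ('upload', 'rechunk', 'delete', 'version_replace')),
  details     jsonb       NOT NULL DEFAULT '{}'::jsonb
);

-- Any attempt to change or remove a row aborts the statement.
CREATE FUNCTION reject_audit_mutation() RETURNS trigger
  LANGUAGE plpgsql AS $$
BEGIN
  RAISE EXCEPTION 'document_audit_log is append-only: % is not permitted', TG_OP
    USING ERRCODE = 'insufficient_privilege';
END;
$$;

CREATE TRIGGER document_audit_log_immutable
  BEFORE UPDATE OR DELETE ON document_audit_log
  FOR EACH ROW EXECUTE FUNCTION reject_audit_mutation();

-- TRUNCATE does not fire row-level triggers, so block it at statement level.
CREATE TRIGGER document_audit_log_no_truncate
  BEFORE TRUNCATE ON document_audit_log
  FOR EACH STATEMENT EXECUTE FUNCTION reject_audit_mutation();

-- Privileges are the first line of defence; the triggers are the second.
-- The runtime role may read and append, nothing else.
CREATE ROLE app_user NOLOGIN;
REVOKE ALL ON document_audit_log FROM app_user;
GRANT SELECT, INSERT ON document_audit_log TO app_user;
GRANT USAGE ON SEQUENCE document_audit_log_id_seq TO app_user;

-- Demonstration with constructed values: the insert succeeds, the
-- commented mutations raise 'document_audit_log is append-only'.
INSERT INTO document_audit_log (org_id, actor_id, document_id, action, details)
VALUES (gen_random_uuid(), gen_random_uuid(), gen_random_uuid(), 'upload',
        '{"filename": "protocol-v3.pdf"}'::jsonb);

-- UPDATE document_audit_log SET action = 'delete' WHERE id = 1;  -- raises
-- DELETE FROM document_audit_log WHERE id = 1;                   -- raises
-- TRUNCATE document_audit_log;                                   -- raises
```

The trigger binds ordinary roles only: the table owner or a superuser can still run `ALTER TABLE ... DISABLE TRIGGER` or drop the trigger, so the role that owns the schema should be distinct from the role the application connects as, and DDL against the audit table should itself be logged (for example through the database's statement logging) so that disabling the protection leaves a trace.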

Data Lifecycle

  • Active organizations: Customer data is retained for the life of the subscription.
  • Suspended organizations (payment failure, after the grace period): Data is preserved indefinitely so that the organization can reactivate without loss.
  • Cancelled organizations: Data is available in read-only mode for one year so customers can export it, after which customer data is destroyed. Audit logs are retained for three years to support 21 CFR Part 11 audit trail requirements.
  • The obligation to retain regulated study data sits with the research site under 21 CFR 312.62 and ICH GCP E6(R2) 4.9.5; Cora does not assume that obligation.

Contact

For security questions, vulnerability reports, or compliance inquiries, contact us at founders@maxoutput.ai.